Lucene search
K

5 matches found

Atlassian
Atlassian
added 2026/06/02 4:29 p.m.9 views

BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0,...

9.8CVSS5.3AI score0.01233EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.13 views

Improper Authorization org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Improper Authorization vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1,...

9.1CVSS5.9AI score0.01136EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.26 views

Improper Encoding org.apache.tomcat:tomcat-catalina Dependency in Jira Software Data Center

This High severity Improper Encoding vulnerability known as CVE-2026-34483 was introduced in version 11.3.0. This Improper Encoding or Escaping of Output vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated attacker to...

7.5CVSS5.8AI score0.00461EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/05 10:29 a.m.28 views

HTTP Request/Response Smuggling Apache Tomcat Dependency in Confluence Data Center

This High severity HTTP Request/Response Smuggling vulnerability was introduced in versions 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request/Response Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.8AI score0.00453EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2023/09/04 12:19 p.m.3 views

FileUpload: FileUpload DoS with excessive parts

A flaw was found in Apache Commons FileUpload, where it does not limit the number of parts being processed in a request. This issue may allow an attacker to use a malicious upload or series of uploads to trigger a denial of service. While Red Hat Satellite relies upon Apache Tomcat, it does not...

7.5CVSS6.6AI score0.46836EPSS
Exploits1References5
Rows per page
Query Builder