Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2020/02/17 6:0 a.m.235 views

Spring Framework Vulnerability - CVE-2020-5398

h3. Issue Summary Security vulnerability scan gave a red flag for Spring Framework plugin version that is used in Bitbucket Server version 6.10.0. The CVE-2020-5398 is being noted from the report scan. h3. Description Plugin: Spring Framework 5.0.x 5.0.16 / 5.1.x 5.1.13 / 5.2.x 5.2.3 Spring...

8CVSS3.3AI score0.88077EPSS
Exploits2Affected Software1
Atlassian
Atlassian
added 2017/08/16 7:38 a.m.234 views

Filter Subscription emails should not be sent to deactivated users.

h3. Summary Email Filter Subscriptions are still sent after an user is marked as deactivated. h3. Steps to Reproduce Create a user belonging to jira-users group Deactivate the user Create a filter and subscribed to jira-users group Filter used: issuekey in issueHistory ORDER BY lastViewed DESC...

1.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/01/27 1:24 p.m.226 views

Upgrade Tomcat to version 8.5.75 - CVE-2020-9484/CVE-2022-23181

The latest version of Tomcat bundled in Jira 8.21 is 8.5.72. Vulnerability is referenced in the fixedinapachetomcat8.5.75security-8 advisory. panel CVE-2020-9484 When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is...

7CVSS7.3AI score0.56636EPSS
Exploits15
Atlassian
Atlassian
added 2014/02/20 12:35 p.m.220 views

Grant "Browse Project" permission to "User Custom Field Value" makes project visible to all users

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Server. Using JIRA Cloud? See the corresponding bug report|http://jira.atlassian.com/browse/JRACLOUD-37117. panel If in your permission schema, you grant Browse Project permission to "User Custom Field Value", the project is visible to all...

2.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/04/21 3:15 a.m.220 views

XSS vulnerability in FishEye/Crucible dashboard - review activity

We have identified and fixed a cross-site scripting XSS vulnerability in the FishEye/Crucible dashboard - review activity.. Affected versions are FishEye/Crucible 2.2.8 to 2.5.2 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2011/04/21 3:15 a.m.219 views

XSS vulnerability in FishEye/Crucible dashboard - review activity

We have identified and fixed a cross-site scripting XSS vulnerability in the FishEye/Crucible dashboard - review activity.. Affected versions are FishEye/Crucible 2.2.8 to 2.5.2 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page...

0.4AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2002/05/22 12:31 p.m.218 views

Problem when signing up for new user Account from login page

I signed up for a new user account from the login page, filled in a username, password, name and e-mail. Then I tried to login with the new username and got this exception: java.lang.NullPointerException at com.opensymphony.module.user.User.getGroupsUser.java:94 at...

0.4AI score
Exploits0
Atlassian
Atlassian
added 2019/10/18 12:17 a.m.217 views

IDOR View Private Unrelease and Release Titles

h3. Reported by bug bounty|https://tracker.bugcrowd.com/atlassian/submissions/73229d116b86b26d234a76ba428a5d02a68cfa716a7ce8b3912ad67c3c653932 h3. Issue Summary A non-admin is able to view the "release version" page but not make a release. h3. Steps to Reproduce Open two browsers and login as adm...

1.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2023/06/09 1:54 a.m.211 views

Apache Tomcat CVE-2023-28709

h3. Issue summary Apache Tomcat should be upgraded to 9.0.74 or a later version to fix CVE-2023-28709|https://nvd.nist.gov/vuln/detail/CVE-2023-28709 h3. Environment Bitbucket 8.10.x and 8.11 h3. Steps to Reproduce Check the Apache Tomcat version on pom.xml h3. Expected Results Bitbucket 8.10 and...

7.5CVSS7.2AI score0.51547EPSS
Exploits1
Atlassian
Atlassian
added 2023/11/02 3:5 p.m.207 views

Update ActiveMQ to fix CVE-2023-46604

h3. Issue Summary Bamboo relies on ActiveMQ libraries version /atlassian-bamboo/WEB-INF/lib: noformat $ ls -al /opt/atlassian/bamboo/atlassian-bamboo/WEB-INF/lib ls | grep activemq- activemq-broker-5.18.2.jar activemq-client-5.18.2.jar activemq-http-5.18.2.jar activemq-jms-pool-5.18.2.jar...

10CVSS9.4AI score0.99654EPSS
Exploits31
Atlassian
Atlassian
added 2017/03/14 1:20 p.m.207 views

Upgrade Tomcat to the version 8.5.29

Current version of Tomcat 8.5.6 bundled with JIRA 7.3.x is vulnerable to https://tomcat.apache.org/security-8.htmlFixedinApacheTomcat8.5.9. Customer would like the Tomcat to be upgraded to the latest version available as their client is no longer willing to run JIRA without having the tomcat...

9.8CVSS0.5AI score0.99988EPSS
Exploits28Affected Software1
Atlassian
Atlassian
added 2020/02/21 8:37 a.m.205 views

Upgrade Bouncy Castle to fix multiple CVEs

h3. Issue Summary Jira uses Bouncy Castle library in version 1.50 that's vulnerable to 10 CVEs: https://www.cvedetails.com/cve/CVE-2015-7940/ https://www.cvedetails.com/cve/CVE-2016-1000338/ https://www.cvedetails.com/cve/CVE-2016-1000339/ https://www.cvedetails.com/cve/CVE-2016-1000341/...

7.5CVSS6.7AI score0.0482EPSS
Exploits0
Atlassian
Atlassian
added 2016/02/19 12:4 a.m.205 views

Upgrade Tomcat to the latest 8.0.x release

h3. Summary We are currently on 8.0.17 and have already been bitten by a bug in it: https://bz.apache.org/bugzilla/showbug.cgi?id=57476 We should upgrade to the latest to get the latest bugfixes. Also, there have been a number of recent CVEs involving Tomcat, most of which involve SecurityManager...

8.8CVSS7.1AI score0.1838EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/04/12 6:34 a.m.204 views

User are receiving mobile notifications of restricted Jira comments that they cannot view when accessing Jira through a browser

Hi Jira Server mobile app beta users, We recently discovered a bug where Jira Server mobile app users receive all comment notifications from Jira issues they’re watching or assigned to, even if the comment had been restricted to exclude them. This means they’ll be able to view the content of...

2.5AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/02/13 12:37 a.m.203 views

Insufficient Session Expiration of user sessions - CVE-2018-20238

Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability...

8.1CVSS5.4AI score0.01513EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2014/06/26 7:39 p.m.203 views

Update Tomcat Native DLL in JIRA Installer

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-38927. panel quote 7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships...

7.5CVSS2.2AI score0.99999EPSS
Exploits87Affected Software1
Atlassian
Atlassian
added 2022/03/15 7:56 p.m.198 views

Vulnerable version of xmlsec used - CVE-2021-40690

Affected versions of Atlassian Jira Server and Data Center used versions of xmlsec that were vulnerable to CVE-2021-40690. Affected versions: version 8.22.2 Workaround: version 8.22.2 LTS versions 8.13 and versions up to 8.20.14 should also apply this workaround. This is permanently fixed in...

7.5CVSS1.7AI score0.10448EPSS
Exploits0
Atlassian
Atlassian
added 2021/07/21 12:18 a.m.197 views

Pre-Authorization Arbitrary File Read in /s/ endpoint - CVE-2021-26085

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3. This vulnerability was...

5.3CVSS5.6AI score0.99999EPSS
Exploits12Affected Software1
Atlassian
Atlassian
added 2017/08/30 2:6 a.m.196 views

The bundled Atlassian OAuth plugin allows arbitrary HTTP requests to be proxied - CVE-2017-9506

The version of the bundled Atlassian OAuth plugin was vulnerable to Server Side Request Forgery SSRF. This allowed a XSS and or a SSRF attack to be performed. More information about the Atlassian OAuth plugin issue see https://ecosystem.atlassian.net/browse/OAUTH-344 . When running in an...

6.1CVSS1AI score0.71601EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2017/04/11 7:47 p.m.195 views

XSS Vulnerability in jira.issueviews:searchrequest-xml

The endpoint /sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml/|https://jira.uberinternal.com/sr/jira.issueviews:searchrequest-xml/temp/SearchRequest.xml/-- is vulnerable to an XSS injection in certain cases. Normally, the browser will urlencode its requests, but some proxy servers and...

0.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2017/04/17 8:48 a.m.194 views

Update bundled Apache Tomcat due to security vulnerabilities

Apache has released the Apache Software Foundation Releases Security Updates: https://www.us-cert.gov/ncas/current-activity/2017/04/12/Apache-Software-Foundation-Releases-Security-Updates There are a few vulnerabilities reported: CVE-2017-5648 -...

9.8CVSS7.5AI score0.99988EPSS
Exploits46Affected Software1
Atlassian
Atlassian
added 2019/07/10 9:29 p.m.193 views

Attachment name leakage from restricted space

h3. Issue Summary Hello, This issue was discovered through our bugbounty program and has been verified: User can view attachment names in a restricted space by accessing the following endpoint: noformat http://host/rest/previews/templinksresource/attachmenturl?attachmentId=id noformat h3...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2011/04/21 3:24 a.m.193 views

XSS vulnerability in FishEye/Crucible Reviews List

We have identified and fixed a cross-site scripting XSS vulnerability in the FishEye/Crucible reviews list. Affected versions are FishEye/Crucible 2.2.8 to 2.5.2 inclusive. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a FishEye/Crucible page. You can read...

0.7AI score
Exploits0
Atlassian
Atlassian
added 2023/11/30 7:6 p.m.192 views

Upgrade Tomcat to fix CVE-2023-46589

h3. Issue Summary This is reproducible on Data Center: / Apache Tomcat should be upgraded to 8.5.96 and later or 9.0.83 or a later version to fix CVE-2023-46589|https://nvd.nist.gov/vuln/detail/CVE-2023-46589. h3. Environment From Confluence 6.10.0, which comes with Apache 9.0.8, up to Confluence...

7.5CVSS7.3AI score0.02651EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2009/07/24 5:42 a.m.192 views

Warn about assigning "Anyone" group in Global and Project permissions

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-18076. panel Assigning anyone to global permissions such as a "Browse user" is a sure way to shoot yourself in the foot inadvertently. We mak...

7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2021/07/27 5:13 a.m.189 views

Confluence Server Webwork OGNL injection - CVE-2021-26084

This vulnerability is being actively exploited in the wild. Affected servers should be patched immediately. An OGNL injection vulnerability exists that allows an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The CVE ID is CVE-2021-26084. h4...

9.8CVSS6.1AI score0.99999EPSS
Exploits45
Atlassian
Atlassian
added 2021/02/16 6:28 p.m.189 views

Update jQuery to avoid CVE-2020-11022 and CVE-2020-11023

Crowd was using jQuery version 1.8.3, which is affected by CVE-2020-11023 & CVE-2020-11022. Affected Version/s: 4.0.3, 4.1.1 Fixed Version/s: 4.1.2, 4.0.4, 4.2.0...

6.9CVSS4.7AI score0.99019EPSS
Exploits11Affected Software1
Atlassian
Atlassian
added 2019/08/12 2:44 a.m.188 views

SSRF in the /plugins/servlet/gadgets/makeRequest resource - CVE-2019-8451

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.4.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery SSRF vulnerability due to a logic bug in the JiraWhitelist class...

6.5CVSS6AI score0.94453EPSS
Exploits2Affected Software1
Atlassian
Atlassian
added 2019/06/23 10:48 p.m.188 views

Denial of service in issue searching through Epic Name ordering - CVE-2019-11583

The issue searching component in Jira before version 8.1.0 allows remote attackers to deny access to Jira service via denial of service vulnerability in issue search when ordering by "Epic Name"...

6.5CVSS5.8AI score0.01501EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/01/14 1:13 p.m.187 views

Update Log4J to 1.2.17-atlassian-15 to fix CVE-2021-4104

Log4J version 1.2.17-atlassian-3 used in Fisheye and Crucible is vulnerable to CVE-2021-4104. The JMSAppender in Log4J 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4J configuration. Note this issue only affects Log4J 1.2 when specifically...

7.5CVSS1.9AI score0.81147EPSS
Exploits9
Atlassian
Atlassian
added 2019/02/14 9:15 p.m.185 views

Stored XSS in administrative linker functionality through the href parameter - CVE-2018-20240

The administrative linker functionality in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the href parameter...

4.8CVSS4.4AI score0.00889EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/04/29 3:50 a.m.184 views

Lax path access check allowing access to webroot files in the META-INF directory in the CachingResourceDownloadRewriteRule class - CVE-2019-8442

The CachingResourceDownloadRewriteRule class in Jira before version 7.13.4, and from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to access files in the Jira webroot under the META-INF directory via a lax path access check...

7.5CVSS6AI score0.59832EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2015/10/27 7:37 p.m.183 views

Insecure Direct Object Reference

The following URL is vulnerable to Insecure Direct Object Reference, allowing any authenticated user to read configuration files from the application such as the content of webapp directory in confluence. http:///spaces/viewdefaultdecorator.action?decoratorName=...

4.3CVSS0.5AI score0.61114EPSS
Exploits5Affected Software1
Atlassian
Atlassian
added 2024/10/08 9:27 p.m.178 views

Upgrade tinyMCE to >= 7.0.0 to mitigate CVE-2024-29881/29203

h3. Issue Summary The current tinyMCE version used on the latest version of Jira is 5.10.9. There are two outstanding CVEs between the delta of 5.10.9 to 7.0.0 that don't seem to be backported yet: CVE-2024-29881 Detail - NVD|https://nvd.nist.gov/vuln/detail/CVE-2024-29881 CVE-2024-29203 Detail -...

4.3CVSS5.7AI score0.00722EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2020/03/24 1:48 a.m.178 views

Stored XSS via malicious file upload - CVE-2020-14173

The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability. Affected versions version 8.5.4 8.6.0 ≤ version ≤ 8.7.0 8.7.0 ≤ version 8.7.1 Fixed versions 8.5.4 8.7...

5.4CVSS4.5AI score0.00886EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2015/05/18 9:31 a.m.178 views

The jQuery version used in JIRA needs to be updated

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-43422. panel Actually the jQuery version used in JIRA is still using the function jQuery.browser which is deprecated and has been removed...

6.1CVSS3.1AI score0.18351EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2019/02/14 8:50 p.m.174 views

XSS in edit upload for a review through the wbuser parameter - CVE-2018-20241

The Edit upload resource for a review in Atlassian Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the wbuser parameter...

5.4CVSS4AI score0.00904EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2018/10/10 9:22 a.m.174 views

Update Tomcat to 8.5.34 to avoid CVE-2018-11784

h4. Open redirect in default servlet CVE-2018-11784|https://access.redhat.com/security/cve/cve-2018-11784 When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user...

4.3CVSS3.6AI score0.94494EPSS
Exploits3Affected Software1
Atlassian
Atlassian
added 2019/05/06 4:6 a.m.173 views

Crowd - pdkinstall development plugin incorrectly enabled - CVE-2019-11580

Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code...

9.8CVSS3AI score0.95355EPSS
Exploits6Affected Software1
Atlassian
Atlassian
added 2015/05/18 9:31 a.m.173 views

The jQuery version used in JIRA needs to be updated

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-43422. panel Actually the jQuery version used in JIRA is still using the function jQuery.browser which is deprecated and has been removed sin...

6.1CVSS6.9AI score0.29726EPSS
Exploits3Affected Software1
Atlassian
Atlassian
added 2022/04/20 8:14 p.m.172 views

Vulnerable version of PostgresSQL JDBC driver used - CVE-2022-21724

Affected versions of Atlassian Jira Server and Data Center used versions of the PostgresSQL JDBC driver that were vulnerable to CVE-2022-21724. The affected versions of Atlassian Jira Server and Data Center are before version 8.22.2. Affected versions: version 8.22.2 Fixed versions: 8.22.2 and...

9.8CVSS8.8AI score0.0301EPSS
Exploits1
Atlassian
Atlassian
added 2019/02/14 7:7 p.m.172 views

XSS in the listApplicationLinks resource of the Application links plugin - CVE-2018-20239

The version of the Application Links plugin used in Fisheye before version 4.7.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting XSS vulnerability in the applinkStartingUrl parameter. See https://ecosystem.atlassian.net/browse/APL-1373 for more details...

5.4CVSS3.4AI score0.03401EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2016/06/01 6:40 a.m.170 views

JIRA puts a user's XSRF token in various resources.

panel:bgColor=e7f4fa NOTE: This bug report is for JIRA Cloud. Using JIRA Server? See the corresponding bug report|http://jira.atlassian.com/browse/JRASERVER-61250. panel h5.Steps to Reproduce: Log into JIRA Log out from JIRA h5.Expected Results: The URL shown in the address bar does not show the...

0.7AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2019/03/13 12:45 p.m.167 views

Embedded 7z vulnerable with a cvs score of 10

The embedded 7zip version is vulnerable. Please update...

2.3AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2022/02/08 4:45 p.m.166 views

Update Tomcat to version 8.5.75 to address CVE-2020-9484/CVE-2022-23181

h3. Issue Summary Update Tomcat to version 8.5.75 to address CVE-2020-9484/CVE-2022-23181. More information can be found here: https://nvd.nist.gov/vuln/detail/CVE-2022-23181 Taken from the page above: quote h3. CVE-2022-23181 Detail Current Description The fix for bug CVE-2020-9484 introduced a...

7CVSS1.3AI score0.56636EPSS
Exploits15Affected Software1
Atlassian
Atlassian
added 2020/09/10 4:31 a.m.166 views

Sensitive data exposure via /secure/QueryComponent!Default.jspa endpoint - CVE-2020-14179

h3. Summary Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. h3. Affected versions: version 8.5.8 8.6....

5.3CVSS5.4AI score0.76042EPSS
Exploits1
Atlassian
Atlassian
added 2018/03/08 4:18 a.m.166 views

Argument injection through Mercurial repository uri handling on Windows - CVE-2018-5224

Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. An attacker who has permission to do one or more of the following: create a repository in Bamboo edit an existing plan in Bamboo that has a...

9CVSS8.5AI score0.02822EPSS
Exploits1Affected Software1
Atlassian
Atlassian
added 2023/06/06 2:52 a.m.162 views

Upgrade Tomcat to fix CVE-2023-28709

h3. Issue summary Apache Tomcat should be upgraded to 8.5.88 and 9.0.74 or a later version to fix CVE-2023-28709|https://nvd.nist.gov/vuln/detail/CVE-2023-28709 h3. Environment Bamboo 8, 9 h3. Steps to Reproduce Check the Apache Tomcat version on pom.xml or /bin/version.sh/bat h3. Expected Result...

7.5CVSS6.8AI score0.51547EPSS
Exploits1
Atlassian
Atlassian
added 2022/06/10 4:19 a.m.162 views

DoS (Denial of Service) in Crowd Data Center and Crowd Server - CVE-2022-29885

h2. Summary of Vulnerability This critical severity DoS Denial of Service vulnerability known as CVE-2022-29885 was introduced in version 4.0.0 of Crowd Data Center and Crowd Server. h2. Affected Versions ||Product||Affected Versions|| |Crowd Data Center Crowd Server|- 4.0.0 - 5.0.0| h2. Fixed...

7.5CVSS7.5AI score0.71653EPSS
Exploits5Affected Software1
Atlassian
Atlassian
added 2015/05/12 7:34 a.m.162 views

Update the version of commons-httpclient to address CVE-2012-5783 & CVE-2014-3577 and gain SNI support

Upgrade commons-httpclient to version 3.1-atlassian-2 to gain SNI support and to fix CVE-2012-5783 & CVE-2014-3577...

5.8CVSS2.3AI score0.09254EPSS
Exploits1Affected Software1
Total number of security vulnerabilities4295