Lucene search
K
AtlassianMost viewed

4295 matches found

Atlassian
Atlassian
added 2026/06/03 4:30 p.m.7 views

Injection axios Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 5.17.2, 10.3.12, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data...

9.1CVSS5.3AI score0.00549EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.7 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.12.1, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0,...

9.1CVSS5.3AI score0.00633EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.7 views

Business Logic Vulnerability Apache Tomcat Dependency in Jira Service Management Data Center

This High severity Business Logic vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.3AI score0.00467EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/03 4:29 p.m.7 views

DoS (Denial of Service) io.netty:netty-codec Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score ...

7.5CVSS5.4AI score0.00863EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:29 p.m.7 views

Authentication Bypass org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Authentication Bypass vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.8CVSS5.3AI score0.01233EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:30 p.m.7 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0,...

9.1CVSS5.3AI score0.00633EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.7 views

BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity BASM Broken Authentication & Session Management vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0,...

9.8CVSS5.3AI score0.01233EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/01 10:30 p.m.7 views

Injection axios Dependency in Bamboo Data Center

This High severity Injection vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attack...

7.4CVSS8AI score0.00394EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/01 10:30 p.m.7 views

Injection axios Dependency in Bamboo Data Center

This High severity Injection vulnerability was introduced in versions 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attack...

7.4CVSS7.6AI score0.00838EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/21 7:29 p.m.7 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.12.1, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center and Server. This HTTP Request Smuggling vulnerability, with a...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/12 5:29 p.m.7 views

Information Disclosure org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This High severity Information Disclosure vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.1, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Information Disclosure vulnerability, with a...

7.5CVSS5.2AI score0.00447EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/12 4:29 p.m.7 views

Security Misconfiguration org.apache.tomcat:tomcat-catalina Dependency in Jira Service Management Data Center

This High severity Security Misconfiguration vulnerability was introduced in version 11.3.4 of Jira Service Management Data Center. This Security Misconfiguration vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS5.7AI score0.03494EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/08 10:29 p.m.7 views

DoS (Denial of Service) minimatch Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.2, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.1, 11.1.0, 11.2.1, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVS...

7.5CVSS5.3AI score0.00517EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/12 5:55 p.m.6 views

BASM (Broken Authentication & Session Management) org.springframework.security:spring-security-core Dependency in Crucible Data Center and Server

This High severity BASM Broken Authentication & Session Management vulnerability was introduced in version 4.9.0 of Crucible Server. This BASM Broken Authentication & Session Management vulnerability, with a CVSS Score of 7.3 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L allow...

7.5CVSS5.3AI score0.0137EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/12 5:45 p.m.6 views

DoS (Denial of Service) org.postgresql:postgresql Dependency in Bamboo Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.2.0, 10.2.1, 10.2.2, 10.2.3, 10.2.4, 10.2.5, 10.2.6, 10.2.7, 10.2.8, 10.2.9, 10.2.10, 10.2.11, 10.2.12, 10.2.13, 10.2.14, 10.2.15, 10.2.16, 10.2.18, and 10.2.19 of Bamboo Data Center. This DoS Denial of Service...

5.2AI score
Exploits0
Atlassian
Atlassian
added 2026/06/12 11:29 a.m.6 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Crowd Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 6.2.0, 6.3.0, 7.0.0, 7.1.0, and 7.2.0 of Crowd Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS5.5AI score0.00863EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 5:59 p.m.6 views

RCE (Remote Code Execution) org.apache.activemq:activemq-broker Dependency in Bamboo Data Center

This High severity RCE Remote Code Execution vulnerability was introduced in versions 10.2.0 and 12.1.0 of Bamboo Data Center. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, allows an authenticated attacker...

8.8CVSS6.5AI score0.0098EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/11 5:31 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Crowd Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity HTTP Request Smuggling vulnerability was introduced in versions 6.2.0, 6.3.0, 7.0.0, 7.1.0, 7.2.0 of Crowd Data Center. This HTTP...

9.8CVSS5.4AI score0.00515EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/11 12:0 p.m.6 views

DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 a...

8.7CVSS5.4AI score0.01125EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/03 4:31 p.m.6 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Service Management Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.5 of Jira Service Management Data Center. This SSRF Server-Side Request Forgery vulnerability, with...

7.5CVSS5.3AI score0.00301EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.6 views

Injection axios Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 9.17.2, 10.3.12, 11.2.1, and 11.3.0 of Jira Software Data Center. This Injectio...

9.1CVSS5.3AI score0.00549EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.6 views

Injection axios Dependency in Jira Service Management Data Center

This High severity Injection vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.6AI score0.00394EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Service Management Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0, of Jira Service Management Data Center and Server. This HTTP Request Smuggling vulnerability, with...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.6 views

Injection axios Dependency in Jira Service Management Data Center

This High severity Injection vulnerability was introduced in versions 5.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.3AI score0.00838EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 2:30 p.m.6 views

Information Disclosure org.apache.tomcat:tomcat-websocket Dependency in Confluence Data Center

This High severity Information Disclosure vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.1, and 10.2.0 of Confluence Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.3 and a...

7.3CVSS5.3AI score0.00548EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/02 10:29 p.m.6 views

DoS (Denial of Service) nth-check Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.1, and 10.3.20 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:...

7.5CVSS7AI score0.02014EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:30 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 7.0.1, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.2AI score0.00248EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.6 views

DoS (Denial of Service) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a...

7.5CVSS5.2AI score0.0078EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.6 views

Injection org.apache.tomcat:tomcat-coyote Dependency in Confluence Data Center

This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.5.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0,...

9.8CVSS5.3AI score0.01339EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/01 10:29 p.m.6 views

Business Logic Vulnerability org.apache.tomcat:tomcat-catalina Dependency in Bamboo Data Center

This High severity Business Logic vulnerability was introduced in versions 10.1.1, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS7AI score0.00467EPSS
Exploits0
Atlassian
Atlassian
added 2026/05/22 10:30 p.m.6 views

HTTP Request Smuggling ws Dependency in Confluence Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.0.1, 9.2.3, and 9.4.0 of Confluence Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an unauthenticated...

7.5CVSS5.2AI score0.00717EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/21 8:29 p.m.6 views

DoS (Denial of Service) minimatch Dependency in Confluence Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 8.9.0, 9.0.1, 9.0.3, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0, and 10.2.0 of Confluence Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.3AI score0.00517EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/21 5:29 p.m.6 views

DoS (Denial of Service) nth-check Dependency in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.1, and 10.3.20 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows a...

7.5CVSS7AI score0.02014EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/21 3:37 a.m.6 views

Upgrade Tomcat to fix CVE-2026-41284, CVE-2026-41293, CVE-2026-42498, CVE-2026-43512, CVE-2026-43513, CVE-2026-43514 and CVE-2026-43515

h3. Issue Summary Apache Tomcat should be upgraded to 9.0.118, 10.1.55 or a later version to fix https://nvd.nist.gov/vuln/detail/CVE-2026-41284 https://nvd.nist.gov/vuln/detail/CVE-2026-41293 https://nvd.nist.gov/vuln/detail/CVE-2026-42498 https://nvd.nist.gov/vuln/detail/CVE-2026-43512...

9.8CVSS6.6AI score0.01339EPSS
Exploits2
Atlassian
Atlassian
added 2026/05/13 4:29 a.m.6 views

SSRF (Server-Side Request Forgery) axios Dependency in Bitbucket Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.4.12 and 10.2.0 of Bitbucket Data Center. This SSRF Server-Side Request Forgery vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an...

7.5CVSS5.3AI score0.00301EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/11 11:29 p.m.6 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Software Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This SSRF Server-Side Request Forgery vulnerability, with a CVSS...

7.5CVSS5.3AI score0.00301EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/06 4:29 p.m.6 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian Jira dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity HTTP Request Smuggling vulnerability was introduced in versions 9.12.1, 10.3.0, 11.3.0 of Jira Software Data Center and Jira...

7.5CVSS5.2AI score0.0064EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/12 5:59 p.m.5 views

Improper Authorization org.springframework.security:spring-security-core Dependency in Crucible Data Center and Server

This High severity Improper Authorization vulnerability was introduced in version 4.9.0 of Crucible Server. This Improper Authorization vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N allows an unauthenticated attacker to gain unintended...

8.2CVSS7.7AI score0.00948EPSS
Exploits0
Atlassian
Atlassian
added 2026/06/11 5:31 p.m.5 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Crowd Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in versions 6.2.0, 6.3.0, 7.0.0, 7.1.0, 7.2.0 of Crowd Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows an...

7.5CVSS5.3AI score0.00248EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.5 views

SSRF (Server-Side Request Forgery) axios Dependency in Jira Software Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0,...

9.9CVSS5.3AI score0.01186EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/03 4:30 p.m.5 views

Injection axios Dependency in Jira Software Data Center

This High severity Injection vulnerability was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of...

7.4CVSS5.6AI score0.00394EPSS
Exploits1
Atlassian
Atlassian
added 2026/06/01 10:30 p.m.5 views

HTTP Request Smuggling io.netty:netty-codec-http Dependency in Bamboo Data Center

This High severity HTTP Request Smuggling vulnerability was introduced in version 10.0.0, 10.1.0, 10.2.0, 11.0.0, 12.0.0, and 12.1.0 of Bamboo Data Center. This HTTP Request Smuggling vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allows ...

7.5CVSS6.5AI score0.00248EPSS
Exploits1
Atlassian
Atlassian
added 2026/05/20 9:29 p.m.5 views

Business Logic Vulnerability org.springframework.security:spring-security-web Dependency in Crowd Data Center

This is a vulnerability in a non-Atlassian dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Business Logic vulnerability was introduced in versions 5.3.0, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 7.0.1, 7.1.0 of Crowd Data Center. This...

9.1CVSS5.4AI score0.0048EPSS
Exploits2
Atlassian
Atlassian
added 2026/04/08 10:29 p.m.5 views

DoS (Denial of Service) minimatch Dependency in Jira Software Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.15.2, 9.16.1, 9.17.1, 10.0.1, 10.1.2, 10.2.1, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.1, 11.1.0, 11.2.0, and 11.3.0 of Jira Software Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of...

7.5CVSS5.3AI score0.00517EPSS
Exploits1
Atlassian
Atlassian
added 2026/04/08 10:29 p.m.5 views

DoS (Denial of Service) minimatch Dependency in Jira Service Management Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.2, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.1, 11.1.0, 11.2.1, and 11.3.0 of Jira Service Management Data Center. This DoS Denial of Service vulnerability, with a CVS...

7.5CVSS5.2AI score0.00472EPSS
Exploits1
Total number of security vulnerabilities4295