4195 matches found
DoS (Denial of Service) in Confluence Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2020-28469 was introduced in versions 7.19 of Confluence Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
DoS (Denial of Service) in Crowd Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2020-28469 was introduced in versions 6.0.0, 6.1.5, 6.2.4, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) ua-parser-js Dependency in Jira Software Data Center
This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 9.17.2, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, and 11.0.0 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5...
DoS (Denial of Service) in Crowd Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2022-25927 was introduced in versions 5.3.1, 6.0.0, 6.1.0, 6.2.0, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...
DoS (Denial of Service) semver Dependency in Bitbucket Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2022-25883 was introduced in versions 9.4.16 and 10.1.1 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...
DoS (Denial of Service) net.minidev:json-smart Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2024-57699 was introduced in versions 5.12.29, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.0 of Jira Service Management Data Center and...
DOM-based XSS com.googlecode.owasp-java-html-sanitizer:owasp-java-html-sanitizer Dependency in Bamboo Data Center and Server
This High severity DOM-based XSS vulnerability known as CVE-2025-66021 was introduced in versions 10.2.9, 11.0.7, 12.0.1, and 12.1.0 of Bamboo Data Center and Server. This DOM-based XSS vulnerability, with a CVSS Score of 8.6 and a CVSS Vector of...
Improper Authorization org.springframework:spring-core Dependency in Confluence Data Center and Server
This High severity Improper Authorization vulnerability known as CVE-2025-41249 was introduced in versions 7.19 of Confluence Data Center and Server. This Improper Authorization vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an...
RCE (Remote Code Execution) commons-beanutils Dependency in Crowd Data Center and Server
This High severity RCE Remote Code Execution vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H allows an authenticated attacker to...
Injection cipher-base Dependency in Jira Service Management Data Center and Server
This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Service Management Data Center and Server. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows...
Injection sha.js Dependency in Jira Service Management Data Center and Server
This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Service Management Data Center and Server. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows...
XSS (Cross Site Scripting) dompurify Dependency in Jira Service Management Data Center and Server
This High severity XSS Cross Site Scripting vulnerability was introduced in versions 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, and 11.1.0 of Jira Service Management Data Center and Server. This XSS Cross Site Scripting vulnerability, with a CV...
DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2025-66675 was introduced in versions 7.0.2 and 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H allows an...
XXE (XML External Entity Injection) org.apache.tika:tika-parsers Dependency in Crowd Data Center and Server
This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity XXE XML External Entity Injection vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE XML...
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 5.12.2, 5.13.0, 5.14.0, 5.15.2, 5.16.0, 5.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, and 10.7.1 of Jira Service Management Data Center and Server. This DoS Denial of Service vulnerability, with a...
DoS (Denial of Service) cross-spawn Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in versions 10.3.0 of Jira Service Management Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.7 and a CVSS Vector of code:java...
File Inclusion tar-fs Dependency in Confluence Data Center and Server
This High severity File Inclusion vulnerability known as CVE-2025-59343 was introduced in version 7.19 of Confluence Data Center and Server. This File Inclusion vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N allows an...
Race Condition at org.glassfish.jersey.core:jersey-client in Bamboo Data Center
This is a vulnerability in a non-Atlassian Bamboo dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Race Condition vulnerability was introduced in versions 9.6.0, 10.0, 10.1 and 10.2.0 of Bamboo Data Center and Server. This...
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 9.12.2, 9.13.0, 9.14.0, 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, and 10.7.1 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score ...
mXSS (mutation Cross-Site Scripting) dompurify Dependency in Jira Software Data Center and Server
This is a vulnerability in a non-Atlassian Jira dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity nesting-based mXSS mutation Cross-Site Scripting vulnerability was introduced in version 10.3.0 of Jira Software Data Center...
XSS (Cross Site Scripting) dompurify Dependency in Jira Software Data Center and Server
This High severity XSS Cross Site Scripting vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, and 11.1.0 of Jira Software Data Center and Server. This XSS Cross Site Scripting vulnerability, with a CVSS Score o...
DoS (Denial of Service) ansi-regex Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 9.15.2, 9.16.0, 9.17.0, 10.1.1, 10.3.13, 11.2.0 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of code:java...
Injection sha.js Dependency in Jira Software Data Center and Server
This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Software Data Center and Server. This Injection vulnerability, with a CVSS Score of 9.1 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows an...
Injection cipher-base Dependency in Jira Software Data Center and Server
This High severity Injection vulnerability was introduced in versions 10.3.0, 11.0.0, 11.1.0, and 11.2.0 of Jira Software Data Center and Server. This Injection vulnerability, with a CVSS Score of 9.1 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:Hcode allows an...
MITM (Man-in-the-Middle) com.squareup.okhttp3:okhttp Dependency in Jira Software Data Center and Server
This High severity MITM Man-in-the-Middle vulnerability was introduced in version 9.12.1 and 10.3.0 of Jira Software Data Center and Server. This vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of code:java CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:Ncode allows an unauthenticated...
DoS (Denial of Service) cross-spawn Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in versions 6.0.5 and 10.3.0 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.7 and a CVSS Vector of code:java...
DoS (Denial of Service) qs Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 10.3.14 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 8.7 and a CVSS Vector of...
DoS (Denial of Service) qs Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 10.3.14 of Jira Software Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7 and a CVSS Vector of code:java...
DoS (Denial of Service) org.apache.commons:commons-fileupload2-core Dependency in Crowd Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...
DoS (Denial of Service) org.apache.struts:struts2-core Dependency in Crowd Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 7.1.2 of Crowd Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated attacker to access...
DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5, allows an attacker to perform actions to degrade service, which has no impact to...
XXE (XML External Entity Injection) in Crowd Data Center and Server
This High severity XXE XML External Entity Injection vulnerability was introduced in version 7.1.0 of Crowd Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 7.9, allows an authenticated attacker to access local and remote content which has high...
XXE (XML External Entity Injection) org.apache.tika:tika-core Dependency in Confluence Data Center and Server
This High severity XXE XML External Entity Injection vulnerability was introduced in versions 7.7.0 of Confluence Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.4 and a CVSS Vector of CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H allows an...
XXE (XML External Entity Injection) in Confluence Data Center and Server
This is a vulnerability in a non-Atlassian Confluence dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity XXE XML External Entity Injection vulnerability was introduced in versions 9.2.8 and 10.2.0 of Confluence Data Center a...
RCE (Remote Code Execution) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server
This High severity RCE Remote Code Execution vulnerability was introduced in versions 8.19.0, 9.4.0, and 10.0.0 of Bitbucket Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H allows an...
DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.6, allows an attacker to perform actions to degrade service, which has no impact to confidentiality, no...
DoS (Denial of Service) com.fasterxml.jackson.core:jackson-core Dependency in Bitbucket Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to perform actions to degrade service, which has no impact to...
Improper Authorization org.springframework:spring-core Dependency in Bitbucket Data Center and Server
This High severity Improper Authorization vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This Improper Authorization vulnerability, with a CVSS Score of 7.5, allows an attacker to potentially perform actions to circumvent authorization checks, which...
XXE (XML External Entity Injection) org.apache.tika:tika-core Dependency in Crowd Data Center and Server
This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This High severity XXE XML External Entity Injection vulnerability was introduced in versions 6.3.0, 6.3.1, 6.3.2, 7.1.0, and 7.1.1 of Crowd Data...
XXE (XML External Entity Injection) org.apache.tika:tika-core Dependency in Bamboo Data Center and Server
This High severity XXE XML External Entity Injection vulnerability was introduced in versions 9.6.1, 10.0.0, 10.1.0, 10.2.0, 11.0.0, and 12.0.0-rc3 of Bamboo Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.4 and a CVSS Vector of...
Injection in Crowd Data Center and Server
This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability known as CVE-2025-9288 was introduced in versions 2.2.6, 2.4.11, 6.2.4, 6.3.0, and 7.1.0 of Crowd Da...
MITM (Man-in-the-Middle) org.postgresql:postgresql Dependency in Confluence Data Center and Server
This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 9.2.8 of Confluence Data Center and Server. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N allows an unauthenticated attacker t...
SSRF (Server-Side Request Forgery) axios Dependency in Bamboo Data Center and Server
This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.6.1, 10.0.0, 10.1.0, 10.2.0, and 11.0.0 of Bamboo Data Center and Server. This SSRF Server-Side Request Forgery vulnerability, with a CVSS Score of 7.7 and a CVSS Vector of...
Injection in Crowd Data Center and Server
This is a vulnerability in a non-Atlassian Crowd dependency. Atlassian's application of this dependency presents a lower, non-critical assessed risk. This Critical severity Injection vulnerability known as CVE-2025-9287 was introduced in versions 1.0.4, 6.2.4, 7.0.0, and 7.1.0 of Crowd Data Cente...
DoS (Denial of Service) io.netty:netty-codec-http2 Dependency in Bamboo Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in versions 9.6.1, 10.2.0 of Bamboo Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.2 and a CVSS Vector of: code:java...
Insecure Deserialization kind-of Dependency in Crowd Data Center and Server
This High severity Insecure Deserialization vulnerability was introduced in versions 2.0.1, 3.2.2, 6.3.0, 7.0.0, and 7.1.0 of Crowd Data Center and Server. This Insecure Deserialization vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N allow...
DoS (Denial of Service) path-to-regexp Dependency in Jira Service Management Data Center and Server
This High severity DoS Denial of Service vulnerability was introduced in versions 10.2.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Service Management Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...
XXE (XML External Entity Injection) org.apache.jackrabbit:jackrabbit-spi-commons Dependency in Confluence Data Center and Server
This High severity XXE XML External Entity Injection vulnerability was introduced in versions 7.13 of Confluence Data Center and Server. This XXE XML External Entity Injection vulnerability, with a CVSS Score of 8.8 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H allows an...
RCE (Remote Code Execution) in Jira Software Data Center and Server
This High severity RCE Remote Code Execution vulnerability was introduced in version 11.2.0 of Jira Software Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 8.1 and a CVSS Vector of CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H allows an unauthenticated...
DoS (Denial of Server) org.apache.struts:struts-core Dependency in Jira Software Data Center and Server
This High severity DoS Denial of Service vulnerability known as CVE-2016-1182 was introduced in 11.2.0 of Jira Software Data Center and Server. This vulnerability with a CVSS Score of 8.2 and a CVSS Vector of CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H allows an unauthenticated attacker to take...