atlassian

468 tracked vulnerabilities.

CVE-2019-20415 MEDIUM
Atlassian Jira < 7.13.3 and 8.0.0-8.1.0 - Cross-Site Request Forgery
Jun 30, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20414 MEDIUM
Atlassian Jira < 7.13.9, 8.0.0-8.4.2 - Cross-Site Scripting in Issue Navigator Basic Search
Jun 29, 2020
CVSS 5.4
EPSS 0.00
CVE-2019-20413 HIGH
Atlassian Jira < 7.13.9 and 8.0.0-8.4.2 - Denial of Service via UserPickerBrowser.jspa
Jun 29, 2020
CVSS 7.5
EPSS 0.01
CVE-2019-20412 MEDIUM
Atlassian Jira < 7.13.9 and 8.0.0-8.4.2 - Information Disclosure via Convert Sub-Task to Issue Page
Jun 29, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-20411 MEDIUM
Atlassian Jira < 7.13.9 and 8.0.0-8.4.2 - Cross-Site Request Forgery in Wallboard Settings
Jun 29, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20410 MEDIUM
Atlassian Jira < 7.6.17, 7.7.0-7.13.9, 8.0.0-8.4.2 - Information Disclosure in Comment Restriction Feature
Jun 29, 2020
CVSS 6.5
EPSS 0.00
CVE-2019-20409 CRITICAL
Atlassian Jira < 8.8.0 - Remote Code Execution via Velocity Template Injection
Jun 23, 2020
CVSS 9.8
EPSS 0.03
CVE-2019-20102 MEDIUM
Atlassian Confluence Server 6.14.0-6.14.3 & 6.15.0-6.15.5 - Stored XSS via Attachment MIME Type
Apr 22, 2020
CVSS 6.1
EPSS 0.00
CVE-2019-20407 MEDIUM
Jira Software 8.4.1-8.5.3 Authenticated Information Disclosure
Mar 17, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20105 MEDIUM
Atlassian Application Links < 5.4.20 - Missing Authentication
Mar 17, 2020
CVSS 4.9
EPSS 0.00
CVE-2019-20100 MEDIUM
Atlassian Jira Server and Data Center - Cross-Site Request Forgery in Application Links Plugin
Feb 12, 2020
CVSS 4.7
EPSS 0.00
CVE-2019-20099 MEDIUM
Atlassian Jira Server and Data Center 7.6.15-8.5.3 - Cross-Site Request Forgery in VerifyPopServerConnection
Feb 12, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20098 MEDIUM
Atlassian Jira Server and Data Center 7.6.15-8.5.3 - Cross-Site Request Forgery in VerifySmtpServerConnection
Feb 12, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20406 HIGH
Confluence < 7.0.5 and 7.1.0 - DLL Hijacking via Global Path Environmental Variable
Feb 06, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-20405 MEDIUM
Atlassian Jira Server and Data Center 7.13.0-8.5.x - Cross-Site Request Forgery via JMX Monitoring Flag
Feb 06, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20404 MEDIUM
Atlassian Jira Server/Data Center <8.6.0 - Info Disclosure
Feb 06, 2020
CVSS 4.3
EPSS 0.01
CVE-2019-20403 MEDIUM
Atlassian Jira Server and Data Center 7.13.0-8.5.4 - Information Disclosure via Project Key API
Feb 06, 2020
CVSS 5.3
EPSS 0.00
CVE-2019-20402 MEDIUM
Atlassian Jira Server/Data Center <8.6.0 - Auth Bypass
Feb 06, 2020
CVSS 4.9
EPSS 0.00
CVE-2019-20401 MEDIUM
Jira Server 7.6.15-8.5.1 - Cross-Site Request Forgery in Installation Setup
Feb 06, 2020
CVSS 6.5
EPSS 0.00
CVE-2019-20400 HIGH
Jira Server 8.3.2-8.5.1 - Local DLL Hijacking via Global Path Environment Variable
Feb 06, 2020
CVSS 7.8
EPSS 0.00
CVE-2019-20106 MEDIUM
Atlassian Jira < 7.13.12, 8.0.0-8.5.4, 8.6.0-8.6.1 - Broken Access Control in Comment Permissions
Feb 06, 2020
CVSS 4.3
EPSS 0.00
CVE-2019-20104 HIGH
Atlassian Crowd < 3.2.11 - Denial of Service via XML Entity Expansion
Feb 06, 2020
CVSS 7.5
EPSS 0.02
CVE-2019-20097 HIGH
Bitbucket Server/Data Center Authenticated RCE via Post-Receive Hook
Jan 15, 2020
CVSS 8.8
EPSS 0.03
CVE-2019-15012 HIGH
Bitbucket 4.13.0-6.9.0 - Authenticated Remote Code Execution via Edit-File Endpoint
Jan 15, 2020
CVSS 8.8
EPSS 0.02
CVE-2019-15010 HIGH
Bitbucket 3.0.0-6.9.0 - Authenticated Remote Code Execution via User Input Fields
Jan 15, 2020
CVSS 8.8
EPSS 0.02
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV