atlassian

468 tracked vulnerabilities.

CVE-2023-22508 HIGH
Confluence Data Center and Server 6.1.0-7.13.19 - Authenticated Remote Code Execution
Jul 18, 2023
CVSS 8.8
EPSS 0.05
CVE-2023-22505 HIGH
Confluence Data Center and Server 8.0.0-8.3.1 - Authenticated Remote Code Execution
Jul 18, 2023
CVSS 8.8
EPSS 0.03
CVE-2023-22504 MEDIUM
Atlassian Confluence Server < 7.13.17 - Unrestricted File Upload via Attachments Feature
May 25, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-22503 MEDIUM
Atlassian Confluence Server/Data Center <7.13.15/7.14.0-7.19.6/7.20.0-8.1.9 - Unauthenticated Info Disclosure
May 01, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-22501 CRITICAL
Jira Service Management 5.3.0-5.3.3 - Authentication Bypass via Signup Token Impersonation
Feb 01, 2023
CVSS 9.1
EPSS 0.02
CVE-2022-43782 CRITICAL
Atlassian Crowd <4.4.4 - Auth Bypass
Nov 17, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-43781 CRITICAL
Bitbucket Server/Data Center - Command Injection
Nov 17, 2022
CVSS 9.8
EPSS 0.87
CVE-2022-42978 HIGH
Netic User Export for Confluence Data Center < 1.3.5 - Unauthenticated Incorrect Authorization
Nov 15, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-42977 HIGH
Netic User Export for Confluence Data Center < 1.3.5 - Path Traversal via fileName Parameter
Nov 15, 2022
CVSS 7.5
EPSS 0.01
CVE-2022-36803 HIGH
Atlassian Jira Align < 10.109.2 - Authenticated Privilege Escalation via MasterUserEdit API
Oct 14, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-36802 MEDIUM
Atlassian Jira Align < 10.109.2 - Server-Side Request Forgery via ManageJiraConnectors API
Oct 14, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-36804 HIGH KEVNUCLEI
Atlassian Bitbucket Server/Data Center <7.6.17/<7.17.10/<7.21.4/<8....
Aug 25, 2022
CVSS 8.8
EPSS 0.94
CVE-2022-36801 MEDIUM
Atlassian Jira Server/Data Center <8.20.8 - Reflected XSS via TeamManagement.jspa
Aug 10, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-36800 MEDIUM
Atlassian Jira Service Management < 4.22.2 - Unauthenticated Information Disclosure via browsegroups.action Endpoint
Aug 03, 2022
CVSS 4.3
EPSS 0.00
CVE-2022-36799 HIGH
Atlassian Jira Server/Data Center RCE via Email Template Injection (8.13.19, 8.14.0-8.20.7, 8.21.0-8.22.1)
Aug 01, 2022
CVSS 7.2
EPSS 0.04
CVE-2022-26138 CRITICAL KEVNUCLEI
Atlassian Questions For Confluence - Hardcoded Credentials
Jul 20, 2022
CVSS 9.8
EPSS 0.94
CVE-2022-26137 HIGH
Atlassian Bamboo < 8.0.9, 8.1.0-8.1.8, 8.2.0-8.2.4 - Unauthenticated CORS Bypass via Servlet Filter Invocation
Jul 20, 2022
CVSS 8.8
EPSS 0.00
CVE-2022-26136 CRITICAL
Atlassian <update - Auth Bypass/XSS
Jul 20, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-26135 MEDIUM
Atlassian Jira <8.13.22, <8.20.10, <8.22.4 - SSRF
Jun 30, 2022
CVSS 6.5
EPSS 0.84
CVE-2022-26134 CRITICAL KEVNUCLEI
Confluence - Remote Code Execution
Jun 03, 2022
CVSS 9.8
EPSS 0.94
CVE-2022-26133 CRITICAL
Atlassian Bitbucket Data Center <7.17.6 - Code Injection
Apr 20, 2022
CVSS 9.8
EPSS 0.81
CVE-2022-0540 CRITICAL NUCLEI
Atlassian Jira <8.13.18, <8.14.0-8.20.5, <8.21.0-8.22.0 - Auth Bypass
Apr 20, 2022
CVSS 9.8
EPSS 0.93
CVE-2021-43959 MEDIUM
Atlassian Jira Service Management Server & Data Center <4.13.20 - SSRF
Jul 26, 2022
CVSS 5.7
EPSS 0.00
CVE-2021-39114 HIGH
Atlassian Confluence Data Center < 6.13.23 - Code Injection
Apr 05, 2022
CVSS 8.8
EPSS 0.00
CVE-2021-43958 CRITICAL
Fisheye/Crucible <4.8.9 - Auth Bypass
Mar 16, 2022
CVSS 9.8
EPSS 0.01
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV