atlassian
468 tracked vulnerabilities.
CVE-2021-41306
HIGH
Atlassian Jira <8.13.12, 8.14.0-8.20.0 - Unauthenticated Private Project/Filter Name Exposure
Oct 26, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-41305
HIGH
Atlassian Jira < 8.13.12 - Unauthenticated Private Project and Filter Name Exposure
Oct 26, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-41304
MEDIUM
Atlassian Jira Server/Data Center <8.13.12 & 8.14.0-8.20.2 - Stored XSS via Importer Error
Oct 26, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-39127
MEDIUM
Atlassian Jira Server/Data Center <8.5.10 & <8.6.0-8.13.1 - BAC
Oct 21, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-39126
MEDIUM
Atlassian Jira Server/Data Center <8.5.10, 8.6.0-8.13.1 CSRF via Referrer Header
Oct 21, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-39128
HIGH
Atlassian Jira Server/Data Center - RCE
Sep 16, 2021
CVSS 7.2
EPSS 0.01
CVE-2021-39125
MEDIUM
Atlassian Jira Server/Data Center <8.5.10 & <8.6.0-8.13.1 - Info Di...
Sep 14, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-39124
MEDIUM
Atlassian Jira Server and Data Center < 8.16.0 - Cross-Site Request Forgery via Retry Feature
Sep 14, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-39123
HIGH
Atlassian Jira Server and Data Center < 8.16.0 - Unauthenticated Denial of Service via CreatedVsResolved Endpoint
Sep 14, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-39118
MEDIUM
Atlassian Jira <8.19.0 - Info Disclosure
Sep 14, 2021
CVSS 5.3
EPSS 0.01
CVE-2021-39122
MEDIUM
Atlassian Jira Server/Data Center <8.5.13/8.6.0-8.13.5/8.14.0-8.15.1 - Unauthenticated Info Disclosure
Sep 08, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-39121
MEDIUM
Atlassian Jira Server/Data Center <8.5.18, 8.6.0-8.13.10, 8.14.0-8.18.2 Info Disclosure
Sep 08, 2021
CVSS 4.3
EPSS 0.00
CVE-2021-39116
MEDIUM
Atlassian Jira Server and Data Center <8.13.14 and 8.14.0-8.19.0 - Denial of Service in GIF Image Reader
Sep 08, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-39119
MEDIUM
Atlassian Jira Server and Data Center < 8.19.0 - Broken Access Control in Issue Notification Feature
Sep 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-39115
HIGH
Atlassian Jira Service Management Server/Data Center - Server-Side Template Injection
Sep 01, 2021
CVSS 7.2
EPSS 0.26
CVE-2021-39109
HIGH
Atlassian Atlasboard < 1.1.9 - Path Traversal via renderWidgetResource
Sep 01, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-39117
MEDIUM
Atlassian Jira Server and Data Center < 8.18.0 - Cross-Site Scripting via Custom Field Name
Aug 30, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-39113
HIGH
Atlassian Jira Server/Data Center <8.13.9 & 8.14.0-8.17.9 - Unauthenticated Broken Access Control
Aug 30, 2021
CVSS 7.5
EPSS 0.00
CVE-2021-39111
MEDIUM
Atlassian Jira Server/Data Center XSS via PDF Content Paste (versions <8.5.18, 8.6.0-8.13.10, 8.14.0-8.18.2)
Aug 30, 2021
CVSS 6.1
EPSS 0.00
CVE-2021-26084
CRITICAL
KEV, NUCLEI
Atlassian Confluence Server and Data Center - OGNL Injection
Aug 30, 2021
CVSS 9.8
EPSS 0.94
CVE-2021-39112
MEDIUM
Atlassian Jira Server/Data Center <8.5.15, <8.6.0-8.13.7, <8.14.0-8...
Aug 25, 2021
CVSS 4.8
EPSS 0.00
CVE-2021-26086
MEDIUM
KEV, NUCLEI
Atlassian Jira Server/Data Center Path Traversal via /WEB-INF/web.xml
Aug 16, 2021
CVSS 5.3
EPSS 0.94
CVE-2021-26085
MEDIUM
KEV, NUCLEI
Atlassian Confluence Server <7.4.10, >7.5.0-7.12.2 - Info Disclosure
Aug 03, 2021
CVSS 5.3
EPSS 0.94
CVE-2021-37843
CRITICAL
Atlassian SAML Single Sign-On < 2.5.9, < 3.5.6, < 3.6.6.1 - Unauthenticated Authentication Bypass
Aug 02, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-26083
MEDIUM
Jira Server and Data Center < 8.5.14, 8.6.0-8.13.6, 8.14.0-8.16.1 - Cross-Site Scripting via Export HTML Report
Jul 20, 2021
CVSS 5.4
EPSS 0.00
Products
jira 142
jira_server 135
jira_data_center 79
crucible 52
fisheye 52
confluence_server 49
jira_software_data_center 39
data_center 38
confluence_data_center 36
bamboo 24
crowd 24
bitbucket 20
confluence 19
jira_service_management 16
sourcetree 15
jira_align 13
jira_service_desk 12
application_links 7
Atlassian Fisheye and Crucible 5
hipchat 5
agiloft 4
floodlight 4
Bamboo 3
bitbucket_data_center 3
companion 3
hipchat_server 3
questions_for_confluence 3
universal_plugin_manager 3
Atlassian Crucible 2
Bamboo Data Center 2