atlassian

468 tracked vulnerabilities.

CVE-2020-36287 MEDIUM
Atlassian Jira Server/Data Center <8.13.5, 8.14.0-8.15.1 - Unauthenticated Info Disclosure
Apr 09, 2021
CVSS 5.3
EPSS 0.63
CVE-2020-36286 MEDIUM
Jira Server/Data Center <8.5.13, <8.6.0-8.13.5, <8.14.0-8.15.1 - In...
Apr 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-36238 MEDIUM
Jira Server and Data Center < 8.5.13 and 8.6.0-8.13.5 - Unauthenticated Username Enumeration via Render API
Apr 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-36240 MEDIUM
Crowd <4.0.4, >4.1.0-4.1.2 - Info Disclosure
Mar 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-36232 MEDIUM
atlassian-gadgets < 4.2.37, 4.3.0-4.3.13, 4.3.2.0-4.3.2.3, 4.4.0-4.4.11, 5.0.0 SSRF via MessageBundleWhiteList
Feb 22, 2021
CVSS 5.0
EPSS 0.00
CVE-2020-29453 MEDIUM NUCLEI
Jira Server/Jira Data Center <8.5.11, <8.6.0-8.13.3, <8.14.0-8.15.0...
Feb 22, 2021
CVSS 5.3
EPSS 0.87
CVE-2020-29448 MEDIUM
Confluence Server/Data Center <6.13.18-7.4.6-7.8.3 - Info Disclosure
Feb 22, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-12873 HIGH
Alfresco ECM <6.2.1 - Code Injection
Feb 19, 2021
CVSS 8.8
EPSS 0.01
CVE-2020-36233 HIGH
Atlassian Bitbucket <6.10.9, 7.x<7.6.4, 7.7.0-7.10.1 Local Privilege Escalation
Feb 18, 2021
CVSS 7.8
EPSS 0.00
CVE-2020-29451 MEDIUM
Atlassian Jira Server/Data Center <8.5.11, <8.6.0-8.13.3, <8.14.0-8...
Feb 15, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-36237 MEDIUM
Atlassian Jira Server and Data Center < 8.15.0 - Unauthenticated Information Disclosure via Custom Field Option Endpoint
Feb 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-36236 MEDIUM
Atlassian Jira <8.5.11, 8.6.0-8.13.3, 8.14.0-8.15.0 - Cross-Site Scripting
Feb 15, 2021
CVSS 6.1
EPSS 0.00
CVE-2020-36235 MEDIUM
Atlassian Jira < 8.13.2 and 8.14.0 < 8.14.1 - Unauthenticated Information Disclosure via Mobile Site View
Feb 15, 2021
CVSS 5.3
EPSS 0.01
CVE-2020-36234 MEDIUM
Atlassian Jira Server and Data Center < 8.5.11, 8.6.0-8.13.3, 8.14.0-8.15.0 - Cross-Site Scripting in Screens Modal View
Feb 15, 2021
CVSS 4.8
EPSS 0.00
CVE-2020-36231 MEDIUM
Atlassian Jira < 8.5.10 and 8.6.0-8.13.2 - Unauthenticated Board Metadata Exposure via IDOR
Feb 02, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-14192 MEDIUM
Atlassian Crucible and Fisheye < 4.8.4 - Unauthenticated Sensitive Information Exposure via Analytics Response Header
Feb 02, 2021
CVSS 4.3
EPSS 0.00
CVE-2020-29450 MEDIUM
Atlassian Confluence Server and Data Center < 7.2.0 - Denial of Service via Avatar Upload Feature
Jan 19, 2021
CVSS 6.5
EPSS 0.01
CVE-2020-29446 MEDIUM
Atlassian Fisheye & Crucible <4.8.5 - Info Disclosure
Jan 18, 2021
CVSS 5.3
EPSS 0.00
CVE-2020-29447 MEDIUM
Atlassian Crucible <4.7.4, >4.8.0-4.8.5 - DoS
Dec 21, 2020
CVSS 4.3
EPSS 0.00
CVE-2020-14193 MEDIUM
Automation for Jira < 7.1.15 - Template Injection via Mustache Partials
Nov 30, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-14190 HIGH
Atlassian Fisheye/Crucible < 4.8.4 - Regex Denial of Service via EyeQL
Nov 25, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-14191 HIGH
Atlassian Fisheye/Crucible < 4.8.4 - Denial of Service in MessageBundleResource
Nov 25, 2020
CVSS 7.5
EPSS 0.01
CVE-2020-14189 CRITICAL
Atlassian gajira-comment <2.0.2 - RCE
Nov 09, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-14188 CRITICAL
Atlassian gajira-create <2.0.1 - RCE
Nov 09, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-14185 MEDIUM
Atlassian Jira <7.13.18, 8.0.0-8.5.9, 8.6.0-8.12.2 - Unauthenticated Issue Key Enumeration
Oct 15, 2020
CVSS 5.3
EPSS 0.00
Products
jira 142 jira_server 135 jira_data_center 79 crucible 52 fisheye 52 confluence_server 49 jira_software_data_center 39 data_center 38 confluence_data_center 36 bamboo 24 crowd 24 bitbucket 20 confluence 19 jira_service_management 16 sourcetree 15 jira_align 13 jira_service_desk 12 application_links 7 Atlassian Fisheye and Crucible 5 hipchat 5 agiloft 4 floodlight 4 Bamboo 3 bitbucket_data_center 3 companion 3 hipchat_server 3 questions_for_confluence 3 universal_plugin_manager 3 Atlassian Crucible 2 Bamboo Data Center 2
Quick Filters
Critical CVEs With Exploits In CISA KEV