Vulnerabilidades em Atlassian

399 resultados
CVE-2019-15004The Customer Context Filter in Atlassian Jira Service Desk Server and Jira Service Desk Data Center before 3.9.17, from 3.10.0 before 3.16.1EPSS 3.9%CVE-2021-26078The number range searcher component in Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before version 8.13.6, andEPSS 3.8%CVE-2018-5225In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 beforeEPSS 3.6%CVE-2017-14586The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop cEPSS 3.5%CVE-2018-20239Application Links before version 5.0.11, from version 5.1.0 before 5.2.10, from version 5.3.0 before 5.3.6, from version 5.4.0 before 5.4.12EPSS 3.4%CVE-2017-9511HIGHThe MultiPathResource class in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to read arbitrary fileEPSS 3.2%CVE-2020-14178Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vuEPSS 3.1%CVE-2019-14995The /rest/api/1.0/render resource in Jira before version 8.4.0 allows remote anonymous attackers to determine if an attachment with a specifEPSS 3.0%CVE-2018-5231The ForgotLoginDetails resource in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before vEPSS 2.8%CVE-2018-5224Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider arguEPSS 2.8%CVE-2020-14188The preprocessArgs function in the Atlassian gajira-create GitHub Action before version 2.0.1 allows remote attackers to execute arbitrary cEPSS 2.8%CVE-2024-21689HIGHThis High severity RCE (Remote Code Execution) vulnerability CVE-2024-21689  was introduced in versions 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, aEPSS 2.7%CVE-2021-26068An endpoint in Atlassian Jira Server for Slack plugin from version 0.0.3 before version 2.0.15 allows remote attackers to execute arbitrary EPSS 2.7%CVE-2019-8445Several worklog rest resources in Jira before version 7.13.7, and from version 8.0.0 before version 8.3.2 allow remote attackers to view worEPSS 2.7%CVE-2019-8443The ViewUpgrades resource in Jira before version 7.13.4, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.EPSS 2.6%CVE-2019-15010Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, frEPSS 2.6%CVE-2017-16859The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.EPSS 2.5%CVE-2021-26069Affected versions of Atlassian Jira Server and Data Center allow unauthenticated remote attackers to download temporary files and enumerate EPSS 2.5%CVE-2020-14172This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemEPSS 2.5%CVE-2019-20409The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gaEPSS 2.5%