| Released Security Vulnerabilities |
| Product & Release Notes |
Affected Versions |
Fixed Version |
Vulnerability Summary |
CVE ID |
CVSS Severity |
|
| Bamboo Data Center and Server |
- 10.2.0 (LTS)
- 10.1.0 to 10.1.1
- 10.0.0 to 10.0.3
- 9.6.0 to 9.6.9 (LTS)
- 9.5.0 to 9.5.4
- 9.4.0 to 9.4.4
- 9.3.0 to 9.3.6
- 9.2.3 to 9.2.20 (LTS)
- 9.1.2 to 9.1.3
|
- 10.2.1 (LTS) recommended Data Center Only
- 9.6.10 (LTS) Data Center Only
- 9.2.21 to 9.2.22 (LTS)
|
DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Bamboo Data Center and Server |
CVE-2024-7254 |
8.7 High |
|
| DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Bamboo Data Center and Server |
CVE-2024-47072 |
7.5 High |
|
| Bitbucket Data Center and Server |
- 9.2.0 to 9.2.1
- 9.1.0 to 9.1.1
- 9.0.0 to 9.0.1
- 8.19.0 to 8.19.10 (LTS)
- 8.18.0 to 8.18.1
- 8.17.0 to 8.17.2
- 8.16.0 to 8.16.4
- 8.15.0 to 8.15.5
- 8.14.0 to 8.14.6
- 8.13.0 to 8.13.6
- 8.12.0 to 8.12.6
- 8.11.0 to 8.11.6
- 8.10.0 to 8.10.6
- 8.9.0 to 8.9.20 (LTS)
- 8.8.2 to 8.8.7
- 8.7.3 to 8.7.5
- 8.6.4
|
- 9.5.1 Data Center Only
- 9.4.3 (LTS) Data Center Only
- 8.19.11 to 8.19.15 (LTS) recommended Data Center Only
- 8.9.21 to 8.9.25 (LTS)
|
RCE (Remote Code Execution) org.apache.avro:avro Dependency in Bitbucket Data Center and Server |
CVE-2024-47561 |
7.3 High |
|
| |
| Confluence Data Center and Server |
- 9.2.0 (LTS)
- 9.1.0 to 9.1.1
- 9.0.1 to 9.0.3
- 8.9.0 to 8.9.8
- 8.8.0 to 8.8.1
- 8.7.1 to 8.7.2
- 8.6.0 to 8.6.2
- 8.5.0 to 8.5.18 (LTS)
- 8.4.0 to 8.4.5
- 8.3.0 to 8.3.4
- 8.2.0 to 8.2.3
- 8.1.1 to 8.1.4
- 7.19.6 to 7.19.30 (LTS)
|
- 9.3.1 Data Center Only
- 9.2.1 (LTS) recommended Data Center Only
- 8.5.19 (LTS)
|
RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server |
CVE-2024-50379 |
9.8 Critical |
|
| RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server |
CVE-2024-56337 |
9.8 Critical |
|
| Crowd Data Center and Server |
- 6.2.0
- 6.1.0 to 6.1.3
- 6.0.1 to 6.0.6
- 5.3.0 to 5.3.6
|
- 6.2.2 recommended Data Center Only
- 6.1.4 Data Center Only
- 6.0.7 Data Center Only
|
BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server |
CVE-2024-52316 |
9.8 Critical |
|
| RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server |
CVE-2024-50379 |
9.8 Critical |
|
| RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server |
CVE-2024-56337 |
9.8 Critical |
|
| DoS (Denial of Service) ua-parser.js Dependency in Crowd Data Center |
CVE-2022-25927 |
7.5 High |
|
| Jira Data Center and Server |
- 10.1.1
- 10.0.0 to 10.0.1
- 9.17.0 to 9.17.3
- 9.16.1
- 9.15.2
- 9.14.0 to 9.14.1
- 9.13.0 to 9.13.1
- 9.12.0 to 9.12.14 (LTS)
- 9.11.0 to 9.11.3
- 9.10.0 to 9.10.2
- 9.9.0 to 9.9.2
- 9.8.0 to 9.8.2
- 9.7.0 to 9.7.2
- 9.4.4 to 9.4.27 (LTS)
|
- 10.1.2 Data Center Only
- 9.17.4 to 9.17.5 Data Center Only
- 9.12.15 (LTS) recommended
- 9.4.28 to 9.4.30 (LTS)
|
DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Jira Software Data Center and Server |
CVE-2024-7254 |
8.7 High |
|
| |
