Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-66516 (GCVE-0-2025-66516)
Vulnerability from cvelistv5 – Published: 2025-12-04 16:17 – Updated: 2026-02-26 16:57
VLAI
EPSS
Title
Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected
Summary
Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF.
This CVE covers the same vulnerability as in CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways.
First, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to >= 3.2.2 would still be vulnerable.
Second, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the "org.apache.tika:tika-parsers" module.
Severity
8.4 (High)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://lists.apache.org/thread/s5x3k93nhbkqzztp1… | vendor-advisory |
| https://cve.org/CVERecord?id=CVE-2025-54988 | related |
Impacted products
3 products
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Tika core |
Affected:
1.13 , ≤ 3.2.1
(semver)
|
|
| Apache Software Foundation | Apache Tika parsers |
Affected:
1.13 , < 2.0.0
(semver)
|
|
| Apache Software Foundation | Apache Tika PDF parser module |
Affected:
2.0.0 , ≤ 3.2.1
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-66516",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-15T04:56:02.603334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T16:57:34.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.tika:tika-core",
"product": "Apache Tika core",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.2.1",
"status": "affected",
"version": "1.13",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.tika:tika-parsers",
"product": "Apache Tika parsers",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThan": "2.0.0",
"status": "affected",
"version": "1.13",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.tika:tika-parser-pdf-module",
"product": "Apache Tika PDF parser module",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.2.1",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \u003cbr\u003e\u003cbr\u003eThis CVE covers the same vulnerability as in\u0026nbsp;CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \u003cbr\u003e\u003cbr\u003eFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u0026gt;= 3.2.2 would still be vulnerable. \u003cbr\u003e\u003cbr\u003eSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \"org.apache.tika:tika-parsers\" module."
}
],
"value": "Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \n\nThis CVE covers the same vulnerability as in\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \n\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \n\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \"org.apache.tika:tika-parsers\" module."
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-30T16:12:37.859Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k"
},
{
"tags": [
"related"
],
"url": "https://cve.org/CVERecord?id=CVE-2025-54988"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-66516",
"datePublished": "2025-12-04T16:17:24.980Z",
"dateReserved": "2025-12-03T23:11:17.441Z",
"dateUpdated": "2026-02-26T16:57:34.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-66516",
"date": "2026-06-17",
"epss": "0.79807",
"percentile": "0.99559"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-66516\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-12-04T17:15:57.120\",\"lastModified\":\"2025-12-30T16:15:46.230\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \\n\\nThis CVE covers the same vulnerability as in\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \\n\\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \\n\\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \\\"org.apache.tika:tika-parsers\\\" module.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":5.9},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13\",\"versionEndExcluding\":\"3.2.2\",\"matchCriteriaId\":\"06E31452-81F9-4B50-A6E1-EE8FE3E148BD\"}]}]}],\"references\":[{\"url\":\"https://cve.org/CVERecord?id=CVE-2025-54988\",\"source\":\"security@apache.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k\",\"source\":\"security@apache.org\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-66516\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-15T04:56:02.603334Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-12-05T18:26:41.700Z\"}}], \"cna\": {\"title\": \"Apache Tika core, Apache Tika parsers, Apache Tika PDF parser module: Update to CVE-2025-54988 to expand scope of artifacts affected\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"critical\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika core\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.2.1\"}], \"packageName\": \"org.apache.tika:tika-core\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika parsers\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.13\", \"lessThan\": \"2.0.0\", \"versionType\": \"semver\"}], \"packageName\": \"org.apache.tika:tika-parsers\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}, {\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika PDF parser module\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.0.0\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.2.1\"}], \"packageName\": \"org.apache.tika:tika-parser-pdf-module\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/s5x3k93nhbkqzztp1olxotoyjpdlps9k\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://cve.org/CVERecord?id=CVE-2025-54988\", \"tags\": [\"related\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \\n\\nThis CVE covers the same vulnerability as in\\u00a0CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \\n\\nFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u003e= 3.2.2 would still be vulnerable. \\n\\nSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \\\"org.apache.tika:tika-parsers\\\" module.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Critical XXE in Apache Tika tika-core (1.13-3.2.1), tika-pdf-module (2.0.0-3.2.1) and tika-parsers (1.13-1.28.5) modules on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. \u003cbr\u003e\u003cbr\u003eThis CVE covers the same vulnerability as in\u0026nbsp;CVE-2025-54988. However, this CVE expands the scope of affected packages in two ways. \u003cbr\u003e\u003cbr\u003eFirst, while the entrypoint for the vulnerability was the tika-parser-pdf-module as reported in CVE-2025-54988, the vulnerability and its fix were in tika-core. Users who upgraded the tika-parser-pdf-module but did not upgrade tika-core to \u0026gt;= 3.2.2 would still be vulnerable. \u003cbr\u003e\u003cbr\u003eSecond, the original report failed to mention that in the 1.x Tika releases, the PDFParser was in the \\\"org.apache.tika:tika-parsers\\\" module.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-611\", \"description\": \"CWE-611 Improper Restriction of XML External Entity Reference\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-12-30T16:12:37.859Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-66516\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-26T16:57:34.060Z\", \"dateReserved\": \"2025-12-03T23:11:17.441Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-12-04T16:17:24.980Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2026-0167
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00Summary
Oracle PeopleSoft: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle PeopleSoft ist eine ERP Anwendung.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle PeopleSoft ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
Affected products
Known affected
4 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle PeopleSoft 8.61
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.61
|
8.61 | |
|
Oracle PeopleSoft 8.60
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.60
|
8.6 | |
|
Oracle PeopleSoft 9.2
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:9.2
|
9.2 | |
|
Oracle PeopleSoft 8.62
Oracle / PeopleSoft
|
cpe:/a:oracle:peoplesoft:8.62
|
8.62 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle PeopleSoft ist eine ERP Anwendung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle PeopleSoft ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0167 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0167.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0167 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0167"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle PeopleSoft vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixPS"
}
],
"source_lang": "en-US",
"title": "Oracle PeopleSoft: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T09:05:45.182+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0167",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9.2",
"product": {
"name": "Oracle PeopleSoft 9.2",
"product_id": "T019030",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:9.2"
}
}
},
{
"category": "product_version",
"name": "8.6",
"product": {
"name": "Oracle PeopleSoft 8.60",
"product_id": "T025008",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.60"
}
}
},
{
"category": "product_version",
"name": "8.61",
"product": {
"name": "Oracle PeopleSoft 8.61",
"product_id": "T032124",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.61"
}
}
},
{
"category": "product_version",
"name": "8.62",
"product": {
"name": "Oracle PeopleSoft 8.62",
"product_id": "T042827",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:peoplesoft:8.62"
}
}
}
],
"category": "product_name",
"name": "PeopleSoft"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-27210",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27210"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2025-6965",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-6965"
},
{
"cve": "CVE-2025-9086",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9086"
},
{
"cve": "CVE-2025-9230",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9230"
},
{
"cve": "CVE-2026-21934",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21934"
},
{
"cve": "CVE-2026-21938",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21938"
},
{
"cve": "CVE-2026-21951",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21951"
},
{
"cve": "CVE-2026-21961",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21961"
},
{
"cve": "CVE-2026-21971",
"product_status": {
"known_affected": [
"T032124",
"T025008",
"T019030",
"T042827"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21971"
}
]
}
WID-SEC-W-2026-0177
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-03-18 23:00Summary
Atlassian Bamboo, Bitbucket, Confluence und Jira: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Confluence ist eine kommerzielle Wiki-Software.
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuführen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, und um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuf\u00fchren, und um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0177 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0177.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0177 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0177"
},
{
"category": "external",
"summary": "Atlassian Support Security Bulletin vom 2026-01-20",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html"
},
{
"category": "external",
"summary": "Deell Security Update",
"url": "https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - March 17 2026",
"url": "https://confluence.atlassian.com/security/security-bulletin-march-17-2026-1721271371.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence und Jira: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-18T23:00:00.000+00:00",
"generator": {
"date": "2026-03-19T09:58:07.378+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0177",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-4913"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "5",
"summary": "doppelte Eintragung bereinigt"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c12.0.2",
"product": {
"name": "Atlassian Bamboo Data Center \u003c12.0.2",
"product_id": "T050227"
}
},
{
"category": "product_version",
"name": "Data Center 12.0.2",
"product": {
"name": "Atlassian Bamboo Data Center 12.0.2",
"product_id": "T050227-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__12.0.2"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.13",
"product": {
"name": "Atlassian Bamboo Data Center \u003c10.2.13",
"product_id": "T050228"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.13",
"product": {
"name": "Atlassian Bamboo Data Center 10.2.13",
"product_id": "T050228-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__10.2.13"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.6.21",
"product": {
"name": "Atlassian Bamboo Data Center \u003c9.6.21",
"product_id": "T050229"
}
},
{
"category": "product_version",
"name": "Data Center 9.6.21",
"product": {
"name": "Atlassian Bamboo Data Center 9.6.21",
"product_id": "T050229-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__9.6.21"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.1.3 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c12.1.3 (LTS)",
"product_id": "T051830"
}
},
{
"category": "product_version",
"name": "12.1.3 (LTS)",
"product": {
"name": "Atlassian Bamboo 12.1.3 (LTS)",
"product_id": "T051830-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:12.1.3_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.16 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c10.2.16 (LTS)",
"product_id": "T051831"
}
},
{
"category": "product_version",
"name": "10.2.16 (LTS)",
"product": {
"name": "Atlassian Bamboo 10.2.16 (LTS)",
"product_id": "T051831-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.16_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.24 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c9.6.24 (LTS)",
"product_id": "T051832"
}
},
{
"category": "product_version",
"name": "9.6.24 (LTS)",
"product": {
"name": "Atlassian Bamboo 9.6.24 (LTS)",
"product_id": "T051832-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.24_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.1.1",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.1.1",
"product_id": "T050230"
}
},
{
"category": "product_version",
"name": "Data Center 10.1.1",
"product": {
"name": "Atlassian Bitbucket Data Center 10.1.1",
"product_id": "T050230-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.15",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.15",
"product_id": "T050231"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.15",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.15",
"product_id": "T050231-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.15"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c8.19.26",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c8.19.26",
"product_id": "T050232"
}
},
{
"category": "product_version",
"name": "Data Center 8.19.26",
"product": {
"name": "Atlassian Bitbucket Data Center 8.19.26",
"product_id": "T050232-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__8.19.26"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.5",
"product": {
"name": "Atlassian Bitbucket \u003c10.1.5",
"product_id": "T051833"
}
},
{
"category": "product_version",
"name": "10.1.5",
"product": {
"name": "Atlassian Bitbucket 10.1.5",
"product_id": "T051833-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.1.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.0 to 10.2.1",
"product": {
"name": "Atlassian Bitbucket \u003c10.2.0 to 10.2.1",
"product_id": "T051834"
}
},
{
"category": "product_version",
"name": "10.2.0 to 10.2.1",
"product": {
"name": "Atlassian Bitbucket 10.2.0 to 10.2.1",
"product_id": "T051834-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.2.0_to_10.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.17 to 9.4.18",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.17 to 9.4.18",
"product_id": "T051835"
}
},
{
"category": "product_version",
"name": "9.4.17 to 9.4.18",
"product": {
"name": "Atlassian Bitbucket 9.4.17 to 9.4.18",
"product_id": "T051835-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.17_to_9.4.18"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.2",
"product": {
"name": "Atlassian Confluence Data Center \u003c10.2.2",
"product_id": "T050233"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.2",
"product": {
"name": "Atlassian Confluence Data Center 10.2.2",
"product_id": "T050233-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__10.2.2"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.13",
"product": {
"name": "Atlassian Confluence Data Center \u003c9.2.13",
"product_id": "T050234"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.13",
"product": {
"name": "Atlassian Confluence Data Center 9.2.13",
"product_id": "T050234-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__9.2.13"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c11.3.0",
"product": {
"name": "Atlassian Jira Data Center \u003c11.3.0",
"product_id": "T050235"
}
},
{
"category": "product_version",
"name": "Data Center 11.3.0",
"product": {
"name": "Atlassian Jira Data Center 11.3.0",
"product_id": "T050235-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.3.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c11.2.1",
"product": {
"name": "Atlassian Jira Data Center \u003c11.2.1",
"product_id": "T050236"
}
},
{
"category": "product_version",
"name": "Data Center 11.2.1",
"product": {
"name": "Atlassian Jira Data Center 11.2.1",
"product_id": "T050236-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.2.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.16",
"product": {
"name": "Atlassian Jira Data Center \u003c10.3.16",
"product_id": "T050237"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.16",
"product": {
"name": "Atlassian Jira Data Center 10.3.16",
"product_id": "T050237-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__10.3.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.12.26",
"product": {
"name": "Atlassian Jira \u003c9.12.26",
"product_id": "T050238"
}
},
{
"category": "product_version",
"name": "9.12.26",
"product": {
"name": "Atlassian Jira 9.12.26",
"product_id": "T050238-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:9.12.26"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.12",
"product": {
"name": "Dell Data Protection Advisor \u003c19.12",
"product_id": "T050283"
}
},
{
"category": "product_version",
"name": "19.12",
"product": {
"name": "Dell Data Protection Advisor 19.12",
"product_id": "T050283-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:19.12"
}
}
}
],
"category": "product_name",
"name": "Data Protection Advisor"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2022-25883",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-25883"
},
{
"cve": "CVE-2022-45693",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2024-21538",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-38286",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2025-12383",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-12383"
},
{
"cve": "CVE-2025-15284",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-15284"
},
{
"cve": "CVE-2025-27152",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27152"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49146",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-49146"
},
{
"cve": "CVE-2025-52434",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52999",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-53689",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-53689"
},
{
"cve": "CVE-2025-54988",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54988"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-55752",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-64775",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-64775"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2025-9287",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9287"
},
{
"cve": "CVE-2025-9288",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9288"
},
{
"cve": "CVE-2026-21569",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21569"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…