Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-33870 (GCVE-0-2026-33870)
Vulnerability from cvelistv5 – Published: 2026-03-27 19:54 – Updated: 2026-07-03 12:04
VLAI
EPSS
Title
Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
Summary
Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
Assigner
References
23 references
Impacted products
36 products
| Vendor | Product | Version | |
|---|---|---|---|
| netty | netty |
Affected:
< 4.1.132.Final
Affected: >= 4.2.0.Alpha1, < 4.2.10.Final |
|
| Red Hat | Red Hat JBoss EAP 8.1 for RHEL 8 |
cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8 |
|
| Red Hat | Cryostat 4 on RHEL 9 |
cpe:/a:redhat:cryostat:4::el9 |
|
| Red Hat | Red Hat JBoss EAP 8.1 for RHEL 9 |
cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9 |
|
| Red Hat | Red Hat AMQ Broker 7.12.7 |
cpe:/a:redhat:amq_broker:7.12 |
|
| Red Hat | Red Hat AMQ Broker 7.13.5 |
cpe:/a:redhat:amq_broker:7.13 |
|
| Red Hat | Red Hat AMQ Broker 7.14.0 |
cpe:/a:redhat:amq_broker:7.14 |
|
| Red Hat | Red Hat Build of Apache Camel 4.14 for Quarkus 3.27 |
cpe:/a:redhat:apache_camel_quarkus:3.27 |
|
| Red Hat | Red Hat Data Grid 8.6.1 |
cpe:/a:redhat:jboss_data_grid:8 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 8.1 |
cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9 |
|
| Red Hat | Red Hat OpenShift AI 2.25 |
cpe:/a:redhat:openshift_ai:2.25::el9 |
|
| Red Hat | Red Hat OpenShift Dev Spaces 3.27 |
cpe:/a:redhat:openshift_devspaces:3.27::el9 |
|
| Red Hat | Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14 |
cpe:/a:redhat:apache_camel_spring_boot:4.18 |
|
| Red Hat | Red Hat build of Quarkus 3.20.6 |
cpe:/a:redhat:quarkus:3.20::el8 |
|
| Red Hat | Red Hat build of Quarkus 3.27.3 |
cpe:/a:redhat:quarkus:3.27::el8 |
|
| Red Hat | Streams for Apache Kafka 2.9.4 |
cpe:/a:redhat:amq_streams:2.9::el9 |
|
| Red Hat | Streams for Apache Kafka 3.2.0 |
cpe:/a:redhat:amq_streams:3.2::el9 |
|
| Red Hat | Logging Subsystem for Red Hat OpenShift |
cpe:/a:redhat:logging:5 |
|
| Red Hat | OpenShift Serverless |
cpe:/a:redhat:serverless:1 |
|
| Red Hat | Red Hat AMQ Clients |
cpe:/a:redhat:amq_clients:2023 |
|
| Red Hat | Red Hat build of Apache Camel - HawtIO 4 |
cpe:/a:redhat:apache_camel_hawtio:4 |
|
| Red Hat | Red Hat build of Apache Camel 4 for Quarkus 3 |
cpe:/a:redhat:camel_quarkus:3 |
|
| Red Hat | Red Hat build of Apicurio Registry 2 |
cpe:/a:redhat:service_registry:2 |
|
| Red Hat | Red Hat build of Apicurio Registry 3 |
cpe:/a:redhat:apicurio_registry:3 |
|
| Red Hat | Red Hat build of Debezium 3 |
cpe:/a:redhat:debezium:3 |
|
| Red Hat | Red Hat Build of Keycloak |
cpe:/a:redhat:build_keycloak: |
|
| Red Hat | Red Hat build of OptaPlanner 8 |
cpe:/a:redhat:optaplanner:::el6 |
|
| Red Hat | Red Hat Enterprise Linux AI (RHEL AI) 3 |
cpe:/a:redhat:enterprise_linux_ai:3 |
|
| Red Hat | Red Hat Fuse 7 |
cpe:/a:redhat:jboss_fuse:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform 7 |
cpe:/a:redhat:jboss_enterprise_application_platform:7 |
|
| Red Hat | Red Hat OpenShift AI (RHOAI) |
cpe:/a:redhat:openshift_ai |
|
| Red Hat | Red Hat Process Automation 7 |
cpe:/a:redhat:jboss_enterprise_bpms_platform:7 |
|
| Red Hat | Red Hat Single Sign-On 7 |
cpe:/a:redhat:red_hat_single_sign_on:7 |
|
| Red Hat | Red Hat JBoss Enterprise Application Platform Expansion Pack |
cpe:/a:redhat:jbosseapxp |
|
| Red Hat | Red Hat Satellite 6 |
cpe:/a:redhat:satellite:6 |
|
| Red Hat | streams for Apache Kafka 3 |
cpe:/a:redhat:amq_streams:3 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-33870",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-31T13:55:28.970197Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-31T13:55:47.863Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"affected": [
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss EAP 8.1 for RHEL 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:cryostat:4::el9"
],
"defaultStatus": "affected",
"product": "Cryostat 4 on RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss EAP 8.1 for RHEL 9",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7.12"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Broker 7.12.7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7.13"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Broker 7.13.5",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_broker:7.14"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Broker 7.14.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_quarkus:3.27"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Apache Camel 4.14 for Quarkus 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_data_grid:8"
],
"defaultStatus": "affected",
"product": "Red Hat Data Grid 8.6.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform 8.1",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai:2.25::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI 2.25",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_devspaces:3.27::el9"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift Dev Spaces 3.27",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_spring_boot:4.18"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.20::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.20.6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:quarkus:3.27::el8"
],
"defaultStatus": "affected",
"product": "Red Hat build of Quarkus 3.27.3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:2.9::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 2.9.4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3.2::el9"
],
"defaultStatus": "affected",
"product": "Streams for Apache Kafka 3.2.0",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:logging:5"
],
"defaultStatus": "affected",
"product": "Logging Subsystem for Red Hat OpenShift",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:serverless:1"
],
"defaultStatus": "affected",
"product": "OpenShift Serverless",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_clients:2023"
],
"defaultStatus": "affected",
"product": "Red Hat AMQ Clients",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apache_camel_hawtio:4"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel - HawtIO 4",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:camel_quarkus:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apache Camel 4 for Quarkus 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:service_registry:2"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 2",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:apicurio_registry:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Apicurio Registry 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:debezium:3"
],
"defaultStatus": "affected",
"product": "Red Hat build of Debezium 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:build_keycloak:"
],
"defaultStatus": "affected",
"product": "Red Hat Build of Keycloak",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:optaplanner:::el6"
],
"defaultStatus": "affected",
"product": "Red Hat build of OptaPlanner 8",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:enterprise_linux_ai:3"
],
"defaultStatus": "affected",
"product": "Red Hat Enterprise Linux AI (RHEL AI) 3",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_fuse:7"
],
"defaultStatus": "affected",
"product": "Red Hat Fuse 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_application_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat JBoss Enterprise Application Platform 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:openshift_ai"
],
"defaultStatus": "affected",
"product": "Red Hat OpenShift AI (RHOAI)",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jboss_enterprise_bpms_platform:7"
],
"defaultStatus": "affected",
"product": "Red Hat Process Automation 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:red_hat_single_sign_on:7"
],
"defaultStatus": "affected",
"product": "Red Hat Single Sign-On 7",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:jbosseapxp"
],
"defaultStatus": "unaffected",
"product": "Red Hat JBoss Enterprise Application Platform Expansion Pack",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:satellite:6"
],
"defaultStatus": "unaffected",
"product": "Red Hat Satellite 6",
"vendor": "Red Hat"
},
{
"cpes": [
"cpe:/a:redhat:amq_streams:3"
],
"defaultStatus": "unaffected",
"product": "streams for Apache Kafka 3",
"vendor": "Red Hat"
}
],
"datePublic": "2026-03-27T19:54:15.586Z",
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Important"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-03T12:04:50.366Z",
"orgId": "0b0ca135-0b70-47e7-9f44-1890c2a1c46c",
"shortName": "redhat-SADP"
},
"references": [
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2026-33870"
},
{
"name": "RHBZ#2452453",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2452453"
},
{
"tags": [
"x_sadp-csaf-vex"
],
"url": "https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33870.json"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18054"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17789"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18055"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14276"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:14272"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8509"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:8159"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:22619"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:18059"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10184"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:10175"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:17668"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7109"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:7380"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:34608"
},
{
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2026:13571"
}
],
"solutions": [
{
"lang": "en",
"value": "RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8"
},
{
"lang": "en",
"value": "RHSA-2026:17789: Cryostat 4 on RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9"
},
{
"lang": "en",
"value": "RHSA-2026:14276: Red Hat AMQ Broker 7.12.7"
},
{
"lang": "en",
"value": "RHSA-2026:14272: Red Hat AMQ Broker 7.13.5"
},
{
"lang": "en",
"value": "RHSA-2026:8509: Red Hat AMQ Broker 7.14.0"
},
{
"lang": "en",
"value": "RHSA-2026:8159: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:22619: Red Hat Data Grid 8.6.1"
},
{
"lang": "en",
"value": "RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1"
},
{
"lang": "en",
"value": "RHSA-2026:10184: Red Hat OpenShift AI 2.25"
},
{
"lang": "en",
"value": "RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27"
},
{
"lang": "en",
"value": "RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14"
},
{
"lang": "en",
"value": "RHSA-2026:7109: Red Hat build of Quarkus 3.20.6"
},
{
"lang": "en",
"value": "RHSA-2026:7380: Red Hat build of Quarkus 3.27.3"
},
{
"lang": "en",
"value": "RHSA-2026:34608: Streams for Apache Kafka 2.9.4"
},
{
"lang": "en",
"value": "RHSA-2026:13571: Streams for Apache Kafka 3.2.0"
}
],
"timeline": [
{
"lang": "en",
"time": "2026-03-27T21:01:59.865Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2026-03-27T19:54:15.586Z",
"value": "Made public."
}
],
"title": "io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_adpType": "supplier",
"x_generator": {
"engine": "sadp-cli 1.0.0"
}
}
],
"cna": {
"affected": [
{
"product": "netty",
"vendor": "netty",
"versions": [
{
"status": "affected",
"version": "\u003c 4.1.132.Final"
},
{
"status": "affected",
"version": "\u003e= 4.2.0.Alpha1, \u003c 4.2.10.Final"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-444",
"description": "CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-03-27T19:54:15.586Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8"
},
{
"name": "https://w4ke.info/2025/06/18/funky-chunks.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://w4ke.info/2025/06/18/funky-chunks.html"
},
{
"name": "https://w4ke.info/2025/10/29/funky-chunks-2.html",
"tags": [
"x_refsource_MISC"
],
"url": "https://w4ke.info/2025/10/29/funky-chunks-2.html"
},
{
"name": "https://www.rfc-editor.org/rfc/rfc9110",
"tags": [
"x_refsource_MISC"
],
"url": "https://www.rfc-editor.org/rfc/rfc9110"
}
],
"source": {
"advisory": "GHSA-pwqr-wmgm-9rr8",
"discovery": "UNKNOWN"
},
"title": "Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2026-33870",
"datePublished": "2026-03-27T19:54:15.586Z",
"dateReserved": "2026-03-24T15:10:05.678Z",
"dateUpdated": "2026-07-03T12:04:50.366Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-33870",
"date": "2026-07-03",
"epss": "0.0064",
"percentile": "0.46223"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-33870\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2026-03-27T20:16:34.663\",\"lastModified\":\"2026-07-03T13:17:06.177\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.\"}],\"affected\":[{\"source\":\"security-advisories@github.com\",\"affectedData\":[{\"vendor\":\"netty\",\"product\":\"netty\",\"versions\":[{\"version\":\"\u003c 4.1.132.Final\",\"status\":\"affected\"},{\"version\":\"\u003e= 4.2.0.Alpha1, \u003c 4.2.10.Final\",\"status\":\"affected\"}]}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"affectedData\":[{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss EAP 8.1 for RHEL 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Cryostat 4 on RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:cryostat:4::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss EAP 8.1 for RHEL 9\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Broker 7.12.7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_broker:7.12\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Broker 7.13.5\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_broker:7.13\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Broker 7.14.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_broker:7.14\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_quarkus:3.27\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Data Grid 8.6.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_data_grid:8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 8.1\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI 2.25\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai:2.25::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift Dev Spaces 3.27\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_spring_boot:4.18\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.20.6\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.20::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Quarkus 3.27.3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:quarkus:3.27::el8\"]},{\"vendor\":\"Red Hat\",\"product\":\"Streams for Apache Kafka 2.9.4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:2.9::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Streams for Apache Kafka 3.2.0\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3.2::el9\"]},{\"vendor\":\"Red Hat\",\"product\":\"Logging Subsystem for Red Hat OpenShift\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:logging:5\"]},{\"vendor\":\"Red Hat\",\"product\":\"OpenShift Serverless\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:serverless:1\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat AMQ Clients\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:amq_clients:2023\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel - HawtIO 4\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apache_camel_hawtio:4\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apache Camel 4 for Quarkus 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:camel_quarkus:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 2\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:service_registry:2\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Apicurio Registry 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:apicurio_registry:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of Debezium 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:debezium:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Build of Keycloak\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:build_keycloak:\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat build of OptaPlanner 8\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:optaplanner:::el6\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Enterprise Linux AI (RHEL AI) 3\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:enterprise_linux_ai:3\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Fuse 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_fuse:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat OpenShift AI (RHOAI)\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:openshift_ai\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Process Automation 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Single Sign-On 7\",\"defaultStatus\":\"affected\",\"cpes\":[\"cpe:/a:redhat:red_hat_single_sign_on:7\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat JBoss Enterprise Application Platform Expansion Pack\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:jbosseapxp\"]},{\"vendor\":\"Red Hat\",\"product\":\"Red Hat Satellite 6\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:satellite:6\"]},{\"vendor\":\"Red Hat\",\"product\":\"streams for Apache Kafka 3\",\"defaultStatus\":\"unaffected\",\"cpes\":[\"cpe:/a:redhat:amq_streams:3\"]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"ssvcV203\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"ssvcData\":{\"timestamp\":\"2026-03-31T13:55:28.970197Z\",\"id\":\"CVE-2026-33870\",\"options\":[{\"exploitation\":\"poc\"},{\"automatable\":\"yes\"},{\"technicalImpact\":\"partial\"}],\"role\":\"CISA Coordinator\",\"version\":\"2.0.3\"}}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]},{\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-444\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"4.1.132\",\"matchCriteriaId\":\"8F551B7E-5E29-4062-8FDB-AA1377B3E8F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netty:netty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.2.0\",\"versionEndExcluding\":\"4.2.10\",\"matchCriteriaId\":\"419E92FA-6271-4613-AF3D-CF09ADFF2E13\"}]}]}],\"references\":[{\"url\":\"https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Exploit\",\"Mitigation\",\"Vendor Advisory\"]},{\"url\":\"https://w4ke.info/2025/06/18/funky-chunks.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://w4ke.info/2025/10/29/funky-chunks-2.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://www.rfc-editor.org/rfc/rfc9110\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Technical Description\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10175\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:10184\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:13571\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14272\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:14276\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17668\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:17789\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18054\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18055\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:18059\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:22619\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:34608\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7109\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:7380\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8159\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2026:8509\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://access.redhat.com/security/cve/CVE-2026-33870\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2452453\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"},{\"url\":\"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33870.json\",\"source\":\"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"io.netty/netty-codec-http: Netty: Request smuggling via incorrect parsing of HTTP/1.1 chunked transfer encoding extension values\", \"metrics\": [{\"other\": {\"type\": \"Red Hat severity rating\", \"content\": {\"value\": \"Important\", \"namespace\": \"https://access.redhat.com/security/updates/classification/\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss EAP 8.1 for RHEL 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:cryostat:4::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Cryostat 4 on RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss EAP 8.1 for RHEL 9\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_broker:7.12\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Broker 7.12.7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_broker:7.13\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Broker 7.13.5\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_broker:7.14\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Broker 7.14.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_quarkus:3.27\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Apache Camel 4.14 for Quarkus 3.27\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_data_grid:8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Data Grid 8.6.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:8.1::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 8.1\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai:2.25::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI 2.25\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_devspaces:3.27::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift Dev Spaces 3.27\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_spring_boot:4.18\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.20::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.20.6\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:quarkus:3.27::el8\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Quarkus 3.27.3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:2.9::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Streams for Apache Kafka 2.9.4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3.2::el9\"], \"vendor\": \"Red Hat\", \"product\": \"Streams for Apache Kafka 3.2.0\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:logging:5\"], \"vendor\": \"Red Hat\", \"product\": \"Logging Subsystem for Red Hat OpenShift\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:serverless:1\"], \"vendor\": \"Red Hat\", \"product\": \"OpenShift Serverless\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_clients:2023\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat AMQ Clients\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apache_camel_hawtio:4\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel - HawtIO 4\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:camel_quarkus:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apache Camel 4 for Quarkus 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:service_registry:2\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 2\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:apicurio_registry:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Apicurio Registry 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:debezium:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of Debezium 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:build_keycloak:\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Build of Keycloak\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:optaplanner:::el6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat build of OptaPlanner 8\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:enterprise_linux_ai:3\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Enterprise Linux AI (RHEL AI) 3\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_fuse:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Fuse 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_application_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:openshift_ai\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat OpenShift AI (RHOAI)\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jboss_enterprise_bpms_platform:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Process Automation 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:red_hat_single_sign_on:7\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Single Sign-On 7\", \"defaultStatus\": \"affected\"}, {\"cpes\": [\"cpe:/a:redhat:jbosseapxp\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat JBoss Enterprise Application Platform Expansion Pack\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:satellite:6\"], \"vendor\": \"Red Hat\", \"product\": \"Red Hat Satellite 6\", \"defaultStatus\": \"unaffected\"}, {\"cpes\": [\"cpe:/a:redhat:amq_streams:3\"], \"vendor\": \"Red Hat\", \"product\": \"streams for Apache Kafka 3\", \"defaultStatus\": \"unaffected\"}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2026-03-27T21:01:59.865Z\", \"value\": \"Reported to Red Hat.\"}, {\"lang\": \"en\", \"time\": \"2026-03-27T19:54:15.586Z\", \"value\": \"Made public.\"}], \"solutions\": [{\"lang\": \"en\", \"value\": \"RHSA-2026:18054: Red Hat JBoss EAP 8.1 for RHEL 8\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17789: Cryostat 4 on RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:18055: Red Hat JBoss EAP 8.1 for RHEL 9\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14276: Red Hat AMQ Broker 7.12.7\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:14272: Red Hat AMQ Broker 7.13.5\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8509: Red Hat AMQ Broker 7.14.0\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:8159: Red Hat Build of Apache Camel 4.14 for Quarkus 3.27\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:22619: Red Hat Data Grid 8.6.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:18059: Red Hat JBoss Enterprise Application Platform 8.1\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10184: Red Hat OpenShift AI 2.25\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:10175: Red Hat OpenShift Dev Spaces 3.27\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:17668: Red Hat build of Apache Camel 4.18.1 for Spring Boot 3.5.14\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7109: Red Hat build of Quarkus 3.20.6\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:7380: Red Hat build of Quarkus 3.27.3\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:34608: Streams for Apache Kafka 2.9.4\"}, {\"lang\": \"en\", \"value\": \"RHSA-2026:13571: Streams for Apache Kafka 3.2.0\"}], \"x_adpType\": \"supplier\", \"datePublic\": \"2026-03-27T19:54:15.586Z\", \"references\": [{\"url\": \"https://access.redhat.com/security/cve/CVE-2026-33870\", \"tags\": [\"vdb-entry\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2452453\", \"name\": \"RHBZ#2452453\", \"tags\": [\"issue-tracking\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33870.json\", \"tags\": [\"x_sadp-csaf-vex\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:18054\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17789\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:18055\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14276\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:14272\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8509\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:8159\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:22619\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:18059\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10184\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:10175\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:17668\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7109\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:7380\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:34608\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2026:13571\", \"tags\": [\"vendor-advisory\", \"x_refsource_REDHAT\"]}], \"workarounds\": [{\"lang\": \"en\", \"value\": \"Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.\"}], \"x_generator\": {\"engine\": \"sadp-cli 1.0.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw was found in Netty. A remote attacker could exploit this vulnerability by sending specially crafted HTTP/1.1 chunked transfer encoding extension values. Due to incorrect parsing of quoted strings, this flaw enables request smuggling attacks, potentially allowing an attacker to bypass security controls or access unauthorized information.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-444\", \"description\": \"Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"0b0ca135-0b70-47e7-9f44-1890c2a1c46c\", \"shortName\": \"redhat-SADP\", \"dateUpdated\": \"2026-07-03T12:04:50.366Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-33870\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-03-31T13:55:28.970197Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-03-31T13:55:43.820Z\"}}], \"cna\": {\"title\": \"Netty: HTTP Request Smuggling via Chunked Extension Quoted-String Parsing\", \"source\": {\"advisory\": \"GHSA-pwqr-wmgm-9rr8\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.5, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"netty\", \"product\": \"netty\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 4.1.132.Final\"}, {\"status\": \"affected\", \"version\": \"\u003e= 4.2.0.Alpha1, \u003c 4.2.10.Final\"}]}], \"references\": [{\"url\": \"https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8\", \"name\": \"https://github.com/netty/netty/security/advisories/GHSA-pwqr-wmgm-9rr8\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://w4ke.info/2025/06/18/funky-chunks.html\", \"name\": \"https://w4ke.info/2025/06/18/funky-chunks.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://w4ke.info/2025/10/29/funky-chunks-2.html\", \"name\": \"https://w4ke.info/2025/10/29/funky-chunks-2.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.rfc-editor.org/rfc/rfc9110\", \"name\": \"https://www.rfc-editor.org/rfc/rfc9110\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Netty is an asynchronous, event-driven network application framework. In versions prior to 4.1.132.Final and 4.2.10.Final, Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. Versions 4.1.132.Final and 4.2.10.Final fix the issue.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-444\", \"description\": \"CWE-444: Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2026-03-27T19:54:15.586Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2026-33870\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-07-03T12:04:50.366Z\", \"dateReserved\": \"2026-03-24T15:10:05.678Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2026-03-27T19:54:15.586Z\", \"assignerShortName\": \"GitHub_M\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2026-1198
Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-04-21 22:00Summary
Oracle Database Server: Mehrere Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
Affected products
Last affected
3 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Database Server <=21.21
Oracle / Database Server
|
<=21.21 | ||
|
Oracle Database Server <=19.30
Oracle / Database Server
|
<=19.30 | ||
|
Oracle Database Server <=23.26.1
Oracle / Database Server
|
<=23.26.1 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Oracle Datenbank ist ein weit verbreitetes relationales Datenbanksystem.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Database Server ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1198 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1198.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1198 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1198"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2026 - Appendix Oracle Database Server vom 2026-04-21",
"url": "https://www.oracle.com/security-alerts/cpuapr2026.html#AppendixDB"
}
],
"source_lang": "en-US",
"title": "Oracle Database Server: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-04-21T22:00:00.000+00:00",
"generator": {
"date": "2026-04-22T08:44:18.187+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-1198",
"initial_release_date": "2026-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=19.30",
"product": {
"name": "Oracle Database Server \u003c=19.30",
"product_id": "T053046"
}
},
{
"category": "product_version_range",
"name": "\u003c=19.30",
"product": {
"name": "Oracle Database Server \u003c=19.30",
"product_id": "T053046-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.26.1",
"product": {
"name": "Oracle Database Server \u003c=23.26.1",
"product_id": "T053047"
}
},
{
"category": "product_version_range",
"name": "\u003c=23.26.1",
"product": {
"name": "Oracle Database Server \u003c=23.26.1",
"product_id": "T053047-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.21",
"product": {
"name": "Oracle Database Server \u003c=21.21",
"product_id": "T053048"
}
},
{
"category": "product_version_range",
"name": "\u003c=21.21",
"product": {
"name": "Oracle Database Server \u003c=21.21",
"product_id": "T053048-fixed"
}
}
],
"category": "product_name",
"name": "Database Server"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-31948",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-31948"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2026-21999",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-21999"
},
{
"cve": "CVE-2026-26007",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-26007"
},
{
"cve": "CVE-2026-31790",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-31790"
},
{
"cve": "CVE-2026-33870",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-33870"
},
{
"cve": "CVE-2026-34312",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-34312"
},
{
"cve": "CVE-2026-35229",
"product_status": {
"last_affected": [
"T053048",
"T053046",
"T053047"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-35229"
}
]
}
WID-SEC-W-2026-1229
Vulnerability from csaf_certbund - Published: 2026-04-21 22:00 - Updated: 2026-05-25 22:00Summary
Atlassian Bamboo, Bitbucket, Confluence, Jira: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Confluence ist eine kommerzielle Wiki-Software.
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder Cross-Site-Scripting-Angriffe durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
Affected products
Known affected
13 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Jira Service Management <10.3.19
Atlassian / Jira
|
Service Management <10.3.19 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket <10.2.2
Atlassian / Bitbucket
|
<10.2.2 | ||
|
Atlassian Jira Service Management <11.3.4
Atlassian / Jira
|
Service Management <11.3.4 | ||
|
Atlassian Jira <11.3.4
Atlassian / Jira
|
<11.3.4 | ||
|
Atlassian Jira <10.3.19
Atlassian / Jira
|
<10.3.19 | ||
|
Red Hat OpenShift Container Platform release 4.21.17
Red Hat / OpenShift
|
cpe:/a:redhat:openshift:container_platform_release_4.21.17
|
Container Platform release 4.21.17 | |
|
Atlassian Bamboo <12.1.6
Atlassian / Bamboo
|
<12.1.6 | ||
|
Atlassian Confluence <9.2.19
Atlassian / Confluence
|
<9.2.19 | ||
|
Atlassian Bamboo <10.2.18
Atlassian / Bamboo
|
<10.2.18 | ||
|
Atlassian Confluence <10.2.10
Atlassian / Confluence
|
<10.2.10 | ||
|
IBM App Connect Enterprise
IBM
|
cpe:/a:ibm:app_connect_enterprise:-
|
— | |
|
Atlassian Bitbucket <9.4.19
Atlassian / Bitbucket
|
<9.4.19 |
References
15 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren oder offenzulegen oder Cross-Site-Scripting-Angriffe durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1229 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1229.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1229 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1229"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - April 21 2026 vom 2026-04-21",
"url": "https://confluence.atlassian.com/security/security-bulletin-april-21-2026-1770913890.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10209 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10209"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10205 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10205"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10215 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10215"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10206 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10206"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10204 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10211 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10211"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10214 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10214"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10213 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10213"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:10201 vom 2026-04-23",
"url": "https://access.redhat.com/errata/RHSA-2026:10201"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:11070 vom 2026-04-28",
"url": "https://access.redhat.com/errata/RHSA-2026:11070"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7271910 vom 2026-05-06",
"url": "https://www.ibm.com/support/pages/node/7271910"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:20034 vom 2026-05-26",
"url": "https://access.redhat.com/errata/RHSA-2026:20034"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence, Jira: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-25T22:00:00.000+00:00",
"generator": {
"date": "2026-05-26T12:16:36.572+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1229",
"initial_release_date": "2026-04-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-23T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-04-27T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-05-06T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-25T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.1.6",
"product": {
"name": "Atlassian Bamboo \u003c12.1.6",
"product_id": "T053202"
}
},
{
"category": "product_version",
"name": "12.1.6",
"product": {
"name": "Atlassian Bamboo 12.1.6",
"product_id": "T053202-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:12.1.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.18",
"product": {
"name": "Atlassian Bamboo \u003c10.2.18",
"product_id": "T053203"
}
},
{
"category": "product_version",
"name": "10.2.18",
"product": {
"name": "Atlassian Bamboo 10.2.18",
"product_id": "T053203-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.18"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.2.2",
"product_id": "T053207"
}
},
{
"category": "product_version",
"name": "10.2.2",
"product": {
"name": "Atlassian Bitbucket 10.2.2",
"product_id": "T053207-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.2.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.19",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.19",
"product_id": "T053209"
}
},
{
"category": "product_version",
"name": "9.4.19",
"product": {
"name": "Atlassian Bitbucket 9.4.19",
"product_id": "T053209-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.19"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.2.10",
"product": {
"name": "Atlassian Confluence \u003c10.2.10",
"product_id": "T053211"
}
},
{
"category": "product_version",
"name": "10.2.10",
"product": {
"name": "Atlassian Confluence 10.2.10",
"product_id": "T053211-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.2.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.19",
"product": {
"name": "Atlassian Confluence \u003c9.2.19",
"product_id": "T053213"
}
},
{
"category": "product_version",
"name": "9.2.19",
"product": {
"name": "Atlassian Confluence 9.2.19",
"product_id": "T053213-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.19"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c11.3.4",
"product": {
"name": "Atlassian Jira \u003c11.3.4",
"product_id": "T053215"
}
},
{
"category": "product_version",
"name": "11.3.4",
"product": {
"name": "Atlassian Jira 11.3.4",
"product_id": "T053215-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:11.3.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.3.19",
"product": {
"name": "Atlassian Jira \u003c10.3.19",
"product_id": "T053216"
}
},
{
"category": "product_version",
"name": "10.3.19",
"product": {
"name": "Atlassian Jira 10.3.19",
"product_id": "T053216-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:10.3.19"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c11.3.4",
"product": {
"name": "Atlassian Jira Service Management \u003c11.3.4",
"product_id": "T053218"
}
},
{
"category": "product_version",
"name": "Service Management 11.3.4",
"product": {
"name": "Atlassian Jira Service Management 11.3.4",
"product_id": "T053218-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management__11.3.4"
}
}
},
{
"category": "product_version_range",
"name": "Service Management \u003c10.3.19",
"product": {
"name": "Atlassian Jira Service Management \u003c10.3.19",
"product_id": "T053221"
}
},
{
"category": "product_version",
"name": "Service Management 10.3.19",
"product": {
"name": "Atlassian Jira Service Management 10.3.19",
"product_id": "T053221-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management__10.3.19"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T052517",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Container Platform release 4.21.17",
"product": {
"name": "Red Hat OpenShift Container Platform release 4.21.17",
"product_id": "T054688",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform_release_4.21.17"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-0341",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2021-0341"
},
{
"cve": "CVE-2021-31597",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2021-31597"
},
{
"cve": "CVE-2022-1471",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-25927",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2022-25927"
},
{
"cve": "CVE-2023-1370",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-1370"
},
{
"cve": "CVE-2023-3635",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-3635"
},
{
"cve": "CVE-2023-48631",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2023-48631"
},
{
"cve": "CVE-2024-29371",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-29371"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2024-47875",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2024-47875"
},
{
"cve": "CVE-2025-48734",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-48734"
},
{
"cve": "CVE-2025-66020",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2025-66020"
},
{
"cve": "CVE-2026-21571",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-21571"
},
{
"cve": "CVE-2026-22029",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-22029"
},
{
"cve": "CVE-2026-23745",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-23745"
},
{
"cve": "CVE-2026-23950",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-23950"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-24842",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-24842"
},
{
"cve": "CVE-2026-24880",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-24880"
},
{
"cve": "CVE-2026-25547",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-25547"
},
{
"cve": "CVE-2026-25639",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-25639"
},
{
"cve": "CVE-2026-26960",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-26960"
},
{
"cve": "CVE-2026-29063",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-29063"
},
{
"cve": "CVE-2026-31802",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-31802"
},
{
"cve": "CVE-2026-33870",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-33870"
},
{
"cve": "CVE-2026-33871",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-33871"
},
{
"cve": "CVE-2026-34487",
"product_status": {
"known_affected": [
"T053221",
"67646",
"T053207",
"T053218",
"T053215",
"T053216",
"T054688",
"T053202",
"T053213",
"T053203",
"T053211",
"T052517",
"T053209"
]
},
"release_date": "2026-04-21T22:00:00.000+00:00",
"title": "CVE-2026-34487"
}
]
}
WID-SEC-W-2026-1955
Vulnerability from csaf_certbund - Published: 2026-06-16 22:00 - Updated: 2026-07-01 22:00Summary
Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Confluence ist eine kommerzielle Wiki-Software.
Fisheye ist ein Quellcode-Repository-Browser für Unternehmensteams.
Crucible ist eine Code-Review-Lösung für Unternehmensteams.
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management ausnutzen, um beliebigen Code auszuführen, erweiterte Berechtigungen zu erlangen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand auszulösen.
Betroffene Betriebssysteme: - Sonstiges
- UNIX
- Windows
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
Affected products
Known affected
14 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Atlassian Crucible <4.9.11
Atlassian / Crucible
|
<4.9.11 | ||
|
Atlassian Fisheye <4.9.11
Atlassian / Fisheye
|
<4.9.11 | ||
|
Atlassian Confluence Data Center <9.2.21
Atlassian / Confluence
|
Data Center <9.2.21 | ||
|
Atlassian Confluence Data Center <10.2.13
Atlassian / Confluence
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket Data Center <10.3.1
Atlassian / Bitbucket
|
Data Center <10.3.1 | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bitbucket Data Center <9.4.21
Atlassian / Bitbucket
|
Data Center <9.4.21 | ||
|
Atlassian Bitbucket Data Center <10.2.4
Atlassian / Bitbucket
|
Data Center <10.2.4 | ||
|
Atlassian Jira Service Management Data Center and Server <10.3.22
Atlassian / Jira
|
Service Management Data Center and Server <10.3.22 | ||
|
Atlassian Jira Service Management Data Center and Server <11.3.7
Atlassian / Jira
|
Service Management Data Center and Server <11.3.7 | ||
|
Atlassian Bamboo Data Center <12.1.8
Atlassian / Bamboo
|
Data Center <12.1.8 | ||
|
Atlassian Jira Data Center <10.3.22
Atlassian / Jira
|
Data Center <10.3.22 | ||
|
Atlassian Jira Data Center <11.3.7
Atlassian / Jira
|
Data Center <11.3.7 | ||
|
Atlassian Bamboo Data Center <10.2.20
Atlassian / Bamboo
|
Data Center <10.2.20 |
References
18 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nFisheye ist ein Quellcode-Repository-Browser f\u00fcr Unternehmensteams. \r\nCrucible ist eine Code-Review-L\u00f6sung f\u00fcr Unternehmensteams.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management ausnutzen, um beliebigen Code auszuf\u00fchren, erweiterte Berechtigungen zu erlangen, Sicherheitsma\u00dfnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen oder einen Denial-of-Service-Zustand auszul\u00f6sen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1955 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1955.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1955 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1955"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin Juni vom 2026-06-16",
"url": "https://confluence.atlassian.com/security/security-bulletin-june-16-2026-1796309326.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:22380 vom 2026-06-18",
"url": "https://access.redhat.com/errata/RHSA-2026:22380"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:27171 vom 2026-06-19",
"url": "https://access.redhat.com/errata/RHSA-2026:27171"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:7634 vom 2026-06-18",
"url": "https://access.redhat.com/errata/RHSA-2026:7634"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:29197 vom 2026-06-24",
"url": "https://access.redhat.com/errata/RHSA-2026:29197"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:30076 vom 2026-06-25",
"url": "https://access.redhat.com/errata/RHSA-2026:30076"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:30651 vom 2026-06-28",
"url": "https://access.redhat.com/errata/RHSA-2026:30651"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:30650 vom 2026-06-28",
"url": "https://access.redhat.com/errata/RHSA-2026:30650"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:33155 vom 2026-06-29",
"url": "https://access.redhat.com/errata/RHSA-2026:33155"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:33160 vom 2026-06-29",
"url": "https://access.redhat.com/errata/RHSA-2026:33160"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:33183 vom 2026-06-29",
"url": "https://access.redhat.com/errata/RHSA-2026:33183"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:33173 vom 2026-06-30",
"url": "https://access.redhat.com/errata/RHSA-2026:33173"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:33163 vom 2026-06-29",
"url": "https://access.redhat.com/errata/RHSA-2026:33163"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:33005 vom 2026-06-29",
"url": "https://access.redhat.com/errata/RHSA-2026:33005"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:34374 vom 2026-07-01",
"url": "https://access.redhat.com/errata/RHSA-2026:34374"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:28964 vom 2026-07-02",
"url": "https://access.redhat.com/errata/RHSA-2026:28964"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence, Fisheye, Crucible, Jira und Jira Service Management: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-07-01T22:00:00.000+00:00",
"generator": {
"date": "2026-07-02T09:24:21.483+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1955",
"initial_release_date": "2026-06-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-06-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-06-17T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-18T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-24T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-25T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-28T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-06-29T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-07-01T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
}
],
"status": "final",
"version": "8"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c12.1.8",
"product": {
"name": "Atlassian Bamboo Data Center \u003c12.1.8",
"product_id": "T055489"
}
},
{
"category": "product_version",
"name": "Data Center 12.1.8",
"product": {
"name": "Atlassian Bamboo Data Center 12.1.8",
"product_id": "T055489-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__12.1.8"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.20",
"product": {
"name": "Atlassian Bamboo Data Center \u003c10.2.20",
"product_id": "T055490"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.20",
"product": {
"name": "Atlassian Bamboo Data Center 10.2.20",
"product_id": "T055490-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__10.2.20"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.4",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.2.4",
"product_id": "T055492"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.4",
"product": {
"name": "Atlassian Bitbucket Data Center 10.2.4",
"product_id": "T055492-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.2.4"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.21",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.21",
"product_id": "T055493"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.21",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.21",
"product_id": "T055493-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.21"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.1",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.3.1",
"product_id": "T055494"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.1",
"product": {
"name": "Atlassian Bitbucket Data Center 10.3.1",
"product_id": "T055494-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.3.1"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.13",
"product": {
"name": "Atlassian Confluence Data Center \u003c10.2.13",
"product_id": "T055495"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.13",
"product": {
"name": "Atlassian Confluence Data Center 10.2.13",
"product_id": "T055495-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__10.2.13"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.21",
"product": {
"name": "Atlassian Confluence Data Center \u003c9.2.21",
"product_id": "T055496"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.21",
"product": {
"name": "Atlassian Confluence Data Center 9.2.21",
"product_id": "T055496-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__9.2.21"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.9.11",
"product": {
"name": "Atlassian Crucible \u003c4.9.11",
"product_id": "T055498"
}
},
{
"category": "product_version",
"name": "4.9.11",
"product": {
"name": "Atlassian Crucible 4.9.11",
"product_id": "T055498-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:crucible:4.9.11"
}
}
}
],
"category": "product_name",
"name": "Crucible"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c4.9.11",
"product": {
"name": "Atlassian Fisheye \u003c4.9.11",
"product_id": "T055497"
}
},
{
"category": "product_version",
"name": "4.9.11",
"product": {
"name": "Atlassian Fisheye 4.9.11",
"product_id": "T055497-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:fisheye:4.9.11"
}
}
}
],
"category": "product_name",
"name": "Fisheye"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c11.3.7",
"product": {
"name": "Atlassian Jira Data Center \u003c11.3.7",
"product_id": "T055499"
}
},
{
"category": "product_version",
"name": "Data Center 11.3.7",
"product": {
"name": "Atlassian Jira Data Center 11.3.7",
"product_id": "T055499-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.3.7"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.22",
"product": {
"name": "Atlassian Jira Data Center \u003c10.3.22",
"product_id": "T055500"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.22",
"product": {
"name": "Atlassian Jira Data Center 10.3.22",
"product_id": "T055500-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__10.3.22"
}
}
},
{
"category": "product_version_range",
"name": "Service Management Data Center and Server \u003c11.3.7",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server \u003c11.3.7",
"product_id": "T055501"
}
},
{
"category": "product_version",
"name": "Service Management Data Center and Server 11.3.7",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server 11.3.7",
"product_id": "T055501-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management_data_center_and_server__11.3.7"
}
}
},
{
"category": "product_version_range",
"name": "Service Management Data Center and Server \u003c10.3.22",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server \u003c10.3.22",
"product_id": "T055502"
}
},
{
"category": "product_version",
"name": "Service Management Data Center and Server 10.3.22",
"product": {
"name": "Atlassian Jira Service Management Data Center and Server 10.3.22",
"product_id": "T055502-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:service_management_data_center_and_server__10.3.22"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-11272",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2019-11272"
},
{
"cve": "CVE-2021-3803",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2021-3803"
},
{
"cve": "CVE-2022-1471",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-1471"
},
{
"cve": "CVE-2022-22965",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-22965"
},
{
"cve": "CVE-2022-22978",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-22978"
},
{
"cve": "CVE-2022-31692",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2022-31692"
},
{
"cve": "CVE-2024-22257",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2024-22257"
},
{
"cve": "CVE-2025-22228",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2025-22228"
},
{
"cve": "CVE-2026-22732",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-22732"
},
{
"cve": "CVE-2026-24734",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-24734"
},
{
"cve": "CVE-2026-26996",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-26996"
},
{
"cve": "CVE-2026-27903",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-27903"
},
{
"cve": "CVE-2026-27904",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-27904"
},
{
"cve": "CVE-2026-29129",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-29129"
},
{
"cve": "CVE-2026-33870",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-33870"
},
{
"cve": "CVE-2026-33871",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-33871"
},
{
"cve": "CVE-2026-34077",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34077"
},
{
"cve": "CVE-2026-34486",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34486"
},
{
"cve": "CVE-2026-34487",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-34487"
},
{
"cve": "CVE-2026-40175",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-40175"
},
{
"cve": "CVE-2026-41044",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41044"
},
{
"cve": "CVE-2026-41284",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41284"
},
{
"cve": "CVE-2026-41293",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-41293"
},
{
"cve": "CVE-2026-42033",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42033"
},
{
"cve": "CVE-2026-42035",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42035"
},
{
"cve": "CVE-2026-42038",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42038"
},
{
"cve": "CVE-2026-42043",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42043"
},
{
"cve": "CVE-2026-42198",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42198"
},
{
"cve": "CVE-2026-42211",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42211"
},
{
"cve": "CVE-2026-42264",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42264"
},
{
"cve": "CVE-2026-42342",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42342"
},
{
"cve": "CVE-2026-42498",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42498"
},
{
"cve": "CVE-2026-42579",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42579"
},
{
"cve": "CVE-2026-42581",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42581"
},
{
"cve": "CVE-2026-42583",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42583"
},
{
"cve": "CVE-2026-42584",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42584"
},
{
"cve": "CVE-2026-42585",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42585"
},
{
"cve": "CVE-2026-42587",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-42587"
},
{
"cve": "CVE-2026-43512",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43512"
},
{
"cve": "CVE-2026-43513",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43513"
},
{
"cve": "CVE-2026-43515",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-43515"
},
{
"cve": "CVE-2026-44486",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44486"
},
{
"cve": "CVE-2026-44487",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44487"
},
{
"cve": "CVE-2026-44488",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44488"
},
{
"cve": "CVE-2026-44492",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44492"
},
{
"cve": "CVE-2026-44495",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44495"
},
{
"cve": "CVE-2026-44496",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-44496"
},
{
"cve": "CVE-2026-45149",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-45149"
},
{
"cve": "CVE-2026-45736",
"product_status": {
"known_affected": [
"T055498",
"T055497",
"T055496",
"T055495",
"T055494",
"67646",
"T055493",
"T055492",
"T055502",
"T055501",
"T055489",
"T055500",
"T055499",
"T055490"
]
},
"release_date": "2026-06-16T22:00:00.000+00:00",
"title": "CVE-2026-45736"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…