Atlassian Jira Software vulnerabilities
23 known vulnerabilities affecting atlassian/jira_software.
Total CVEs
23
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH18MEDIUM5
Vulnerabilities
Page 2 of 2
CVE-2022-42004HIGHCVSS 7.52023-11-21
CVE-2022-42004 [HIGH] CVE-2022-42004: Deserialization com.fasterxml.jackson.core:jackson-databind in Jira Software Data Center and Server
CVE-2022-42004: Deserialization com.fasterxml.jackson.core:jackson-databind in Jira Software Data Center and Server
Deserialization com.fasterxml.jackson.core:jackson-databind in Jira Software Data Center and Server
CVE: CVE-2022-42004
Severity: HIGH
Affected products: Jira Software
atlassian
CVE-2017-9735HIGHCVSS 7.52023-11-21
CVE-2017-9735 [HIGH] CVE-2017-9735: Info Disclosure org.eclipse.jetty:jetty-util in Jira Software Data Center and Server
CVE-2017-9735: Info Disclosure org.eclipse.jetty:jetty-util in Jira Software Data Center and Server
Info Disclosure org.eclipse.jetty:jetty-util in Jira Software Data Center and Server
CVE: CVE-2017-9735
Severity: HIGH
Affected products: Jira Software
atlassian
CVE-2019-20407MEDIUMCVSS 4.3≥ unspecified, < 8.6.12020-03-17
CVE-2019-20407 [MEDIUM] CWE-862 CVE-2019-20407: The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.
The ConfigureBambooRelease resource in Jira Software and Jira Software Data Center before version 8.6.1 allows authenticated remote attackers to view release version information in projects that they do not have access to through an missing authorisation check.
nvd
← Previous2 / 2