On February 18, 2025, Atlassian published a security advisory to address vulnerabilities in the following products:
- Bamboo Data Center and Server – multiple versions
- Bitbucket Data Center and Server – multiple versions
- Confluence Data Center and Server – multiple versions
- Crowd Data Center and Server – multiple versions
- Jira Data Center and Server – multiple versions

| Product | Version | Update | Description/Link | CVE ID | CVSS |
| --- | --- | --- | --- | --- | --- |
| Bamboo Data Center and Server | 10.2.0 (LTS); 10.1.0 to 10.1.1; 10.0.0 to 10.0.3; 9.6.0 to 9.6.9 (LTS); 9.5.0 to 9.5.4; 9.4.0 to 9.4.4; 9.3.0 to 9.3.6; 9.2.3 to 9.2.20 (LTS); 9.1.2 to 9.1.3 | 10.2.1 (LTS) recommended, Data Center only; 9.6.10 (LTS) Data Center only; 9.2.21 to 9.2.22 (LTS) | DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Bamboo Data Center and Server | CVE-2024-7254 | 8.7 High |
| | | | DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Bamboo Data Center and Server | CVE-2024-47072 | 7.5 High |
| Bitbucket Data Center and Server | 9.2.0 to 9.2.1; 9.1.0 to 9.1.1; 9.0.0 to 9.0.1; 8.19.0 to 8.19.10 (LTS); 8.18.0 to 8.18.1; 8.17.0 to 8.17.2; 8.16.0 to 8.16.4; 8.15.0 to 8.15.5; 8.14.0 to 8.14.6; 8.13.0 to 8.13.6; 8.12.0 to 8.12.6; 8.11.0 to 8.11.6; 8.10.0 to 8.10.6; 8.9.0 to 8.9.20 (LTS); 8.8.2 to 8.8.7; 8.7.3 to 8.7.5; 8.6.4 | 9.5.1 Data Center only; 9.4.3 (LTS) Data Center only; 8.19.11 to 8.19.15 (LTS) recommended, Data Center only; 8.9.21 to 8.9.25 (LTS) | RCE (Remote Code Execution) org.apache.avro:avro Dependency in Bitbucket Data Center and Server | CVE-2024-47561 | 7.3 High |
| Confluence Data Center and Server | 9.2.0 (LTS); 9.1.0 to 9.1.1; 9.0.1 to 9.0.3; 8.9.0 to 8.9.8; 8.8.0 to 8.8.1; 8.7.1 to 8.7.2; 8.6.0 to 8.6.2; 8.5.0 to 8.5.18 (LTS); 8.4.0 to 8.4.5; 8.3.0 to 8.3.4; 8.2.0 to 8.2.3; 8.1.1 to 8.1.4; 7.19.6 to 7.19.30 (LTS) | 9.3.1 Data Center only; 9.2.1 (LTS) recommended, Data Center only; 8.5.19 (LTS) | RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server | CVE-2024-50379 | 9.8 Critical |
| | | | RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Confluence Data Center and Server | CVE-2024-56337 | 9.8 Critical |
| Crowd Data Center and Server | 6.2.0; 6.1.0 to 6.1.3; 6.0.1 to 6.0.6; 5.3.0 to 5.3.6 | 6.2.2 recommended, Data Center only; 6.1.4 Data Center only; 6.0.7 Data Center only | BASM (Broken Authentication & Session Management) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server | CVE-2024-52316 | 9.8 Critical |
| | | | RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server | CVE-2024-50379 | 9.8 Critical |
| | | | RCE (Remote Code Execution) org.apache.tomcat:tomcat-catalina Dependency in Crowd Data Center and Server | CVE-2024-56337 | 9.8 Critical |
| | | | DoS (Denial of Service) ua-parser.js Dependency in Crowd Data Center | CVE-2022-25927 | 7.5 High |
| Jira Data Center and Server | 10.1.1; 10.0.0 to 10.0.1; 9.17.0 to 9.17.3; 9.16.1; 9.15.2; 9.14.0 to 9.14.1; 9.13.0 to 9.13.1; 9.12.0 to 9.12.14 (LTS); 9.11.0 to 9.11.3; 9.10.0 to 9.10.2; 9.9.0 to 9.9.2; 9.8.0 to 9.8.2; 9.7.0 to 9.7.2; 9.4.4 to 9.4.27 (LTS) | 10.1.2 Data Center only; 9.17.4 to 9.17.5 Data Center only; 9.12.15 (LTS) recommended; 9.4.28 to 9.4.30 (LTS) | DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Jira Software Data Center and Server | CVE-2024-7254 | 8.7 High |