Firma Atlassian opublikowała porady dotyczące bezpieczeństwa dotyczące luk w zabezpieczeniach następujących produktów:

Informacje o produkcie i wydaniuWersje, których dotyczy problemPoprawiona wersjaPodsumowanie luk w zabezpieczeniachNumer CVECVSS Krytyczność
Bamboo Data Center and Server9.6.0 do 9.6.3 (LTS)9.5.0 do 9.5.49.4.0 do 9.4.49.3.0 do 9.3.69.2.1  do 9.2.15 (LTS)9.1.0  do 9.1.39.0.0  do 9.0.49.6.4 (LTS) rekomendowane Data Center Only9.2.16 (LTS)File Inclusion in Bamboo Data Center and ServerCVE-2024-216878.1 Wysoka
SSRF (Server-Side Request Forgery) org.springframework:spring-web Dependency in Bamboo Data Center and ServerCVE-2024-222628.1  Wysoka
Confluence Data Center and Server8.9.0 do 8.9.38.8.0 do 8.8.18.7.1 do 8.7.28.6.0 do 8.6.28.5.0 do 8.5.11 (LTS)8.4.0 do 8.4.58.3.0 do 8.3.48.2.0 do 8.2.38.1.0 do 8.1.48.0.0 do 8.0.47.20.0 do 7.20.37.19.0 do 7.19.24 (LTS)8.9.4 Data Center Only8.5.12 (LTS) rekomendowane7.19.25 (LTS)DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and ServerCVE-2021-360907.5  Wysoka
DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and ServerCVE-2021-355177.5  Wysoka
DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and ServerCVE-2021-355167.5  Wysoka
DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and ServerCVE-2021-355157.5  Wysoka
DoS (Denial of Service) org.apache.commons:commons-compress Dependency in Confluence Data Center and ServerCVE-2019-124027.5  Wysoka
Third-Party Dependency in Confluence Data Center and ServerCVE-2024-216887.4  Wysoka
Stored XSS in Confluence Data Center and ServerCVE-2024-216867.3  Wysoka
Jira Data Center and Server9.7.0 do 9.7.29.6.09.5.0 do 9.5.19.4.0 do 9.4.17 (LTS)9.3.0 do 9.3.39.2.0 do 9.2.19.1.0 do 9.1.19.8.0 lub wcześniejsze9.12.0 do 9.12.11 (LTS) rekomendowane9.4.18 do 9.4.24 (LTS)DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Jira Software Data Center and ServerCVE-2022-419667.5  Wysoka
Jira Service Management Data Center and Server5.7.0 do 5.7.25.6.05.5.0 do 5.5.15.4.0 do 5.4.17 (LTS)5.3.0 do 5.3.35.2.0 do 5.2.15.1.0 do 5.1.15.8.0 lub wcześniejsze5.12.0 do 5.12.11 (LTS) rekomendowane5.4.18 do 5.4.24 (LTS)DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Jira Service Management Data Center and ServerCVE-2022-419667.5  Wysoka