10 grudnia 2024 r. firma Atlassian opublikowała ostrzeżenie dotyczące bezpieczeństwa w celu rozwiązania luk w następujących produktach:

• Bamboo Data Center i Server – wiele wersji

• Bitbucket Data Center i Server – wiele wersji

• Confluence Data Center i Server – wiele wersji

Released Security Vulnerabilities
ProduktWersjaAktualizacjaOpis/LinkCVE IDCVSS
Bamboo Data Center and Server9.6.0 do 9.6.2 (LTS)
9.5.0 do 9.5.4
9.4.0 do 9.4.4
9.3.0 do 9.3.6
9.2.1 do 9.2.14 (LTS)
9.1.0 do 9.1.3
9.0.2 do 9.0.4
9.6.3 do 9.6.8 (LTS) Zalecany tylko dla Data Center 9.2.15 do 9.2.21 (LTS)org.apache.commons:commons-compress Dependency in Bamboo Data Center and ServerCVE-2024-257108.1 Wysoka
com.amazonaws:aws-java-sdk-s3 Dependency in Bamboo Data Center and ServerCVE-2022-311597.9 Wysoka
DoS (Denial of Service) org.bouncycastle:bcprov-jdk18on Dependency in Bamboo Data Center and ServerCVE-2024-301727.5 Wysoka
DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Bamboo Data Center and ServerCVE-2024-245497.5 Wysoka
DoS (Denial of Service) com.nimbusds:nimbus-jose-jwt Dependency in Bamboo Data Center and ServerCVE-2023-524287.5 Wysoka
Bitbucket Data Center and Server9.3.0 do 9.3.1
8.19.0 do 8.19.11 (LTS)
8.18.0 do 8.18.1
8.17.0 do 8.17.2
8.16.0 do 8.16.4
8.15.0 do 8.15.5
8.14.0 do 8.14.6
8.13.0 do 8.13.6
8.12.0 do 8.12.6
8.11.0 do 8.11.6
8.10.0 do 8.10.6
8.9.0 do 8.9.21 (LTS) 8.8.0 do 8.8.7
8.7.0 do 8.7.5
8.6.2 do 8.6.4
8.5.2 do 8.5.4
8.4.3 do 8.4.4 8.3.4 7.21.8 do 7.21.23 (LTS)
9.4.0 (LTS) Zalecany tylko dla Data Center 9.3.2 tylko  Data Center 8.19.12 (LTS) Data Center tylko 8.9.22 (LTS)com.hazelcast:hazelcast Dependency in Bitbucket Data Center and ServerCVE-2023-458597.6 Wysoka
DoS (Denial of Service) in Bitbucket Data CenterCVE-2024-40677.5 Wysoka
org.springframework:spring-webmvc Dependency in Bitbucket Data Center and ServerCVE-2024-388167.5 Wysoka
Confluence Data Center and Server9.0.1 do 9.0.3
8.9.0 do 8.9.7
8.8.0 do 8.8.1
8.7.1 do 8.7.2
8.6.0 do 8.6.2
8.5.0 do 8.5.16 (LTS) 8.4.0 do 8.4.5
8.3.0 do 8.3.4 8.2.0 do 8.2.3 8.1.0 do 8.1.4 8.0.1 do 8.0.4 7.20.3 7.19.5 do 7.19.28 (LTS)
9.2.0 (LTS) 9.1.0 do 9.1.1 Data Center 8.9.8 Data Center 8.5.17 do 8.5.18 (LTS) zalecany 7.19.29 do 7.19.30 (LTS)org.apache.commons:commons-compress Dependency in Confluence Data Center and ServerCVE-2024-257108.1 Wysoka
com.hazelcast:hazelcast Dependency in Confluence Data Center and ServerCVE-2023-458597.6 Wysoka
DoS (Denial of Service) minimatch Dependency in Confluence Data CenterCVE-2022-35177.5 Wysoka
Prototype Pollution json5 Dependency in Confluence Data CenterCVE-2022-461757.1 Wysoka