Vulnerabilities (CVE)

Filtered by vendor Atlassian Subscribe

Filtered by product Jira Data Center

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2019-20419	1 Atlassian	2 Jira Data Center, Jira Server	2022-07-27	4.4 MEDIUM	7.8 HIGH
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The affected versions are before version 8.5.5, and from version 8.6.0 before 8.7.2.
CVE-2021-43944	1 Atlassian	2 Jira Data Center, Jira Server	2022-06-13	6.5 MEDIUM	7.2 HIGH
This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of Atlassian Jira Server and Data Center allowed remote attackers with system administrator permissions to execute arbitrary code via Template Injection leading to Remote Code Execution (RCE) in the Email Templates feature. The affected versions are before version 8.13.15, and from version 8.14.0 before 8.20.3.