Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-54988 (GCVE-0-2025-54988)
Vulnerability from cvelistv5 – Published: 2025-08-20 20:08 – Updated: 2026-02-26 17:48
VLAI
EPSS
Title
Apache Tika PDF parser module: XXE vulnerability in PDFParser's handling of XFA
Summary
Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.
Users are recommended to upgrade to version 3.2.2, which fixes this issue.
Severity
8.4 (High)
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-611 - Improper Restriction of XML External Entity Reference
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Apache Software Foundation | Apache Tika PDF parser module |
Affected:
1.13 , ≤ 3.2.1
(semver)
|
Credits
Paras Jain and Yakov Shafranovich of Amazon.
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-54988",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-01-22T04:55:48.643142Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T17:48:22.169Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T22:06:45.688Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00030.html"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/20/2"
},
{
"url": "http://www.openwall.com/lists/oss-security/2025/08/20/3"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://repo.maven.apache.org/maven2",
"defaultStatus": "unaffected",
"packageName": "org.apache.tika:tika-parser-pdf-module",
"product": "Apache Tika PDF parser module",
"vendor": "Apache Software Foundation",
"versions": [
{
"lessThanOrEqual": "3.2.1",
"status": "affected",
"version": "1.13",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Paras Jain and Yakov Shafranovich of Amazon."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 3.2.2, which fixes this issue."
}
],
"value": "Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.\n\nUsers are recommended to upgrade to version 3.2.2, which fixes this issue."
}
],
"metrics": [
{
"other": {
"content": {
"text": "critical"
},
"type": "Textual description of severity"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-611",
"description": "CWE-611 Improper Restriction of XML External Entity Reference",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-02T12:34:45.683Z",
"orgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"shortName": "apache"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://lists.apache.org/thread/8xn3rqy6kz5b3l1t83kcofkw0w4mmj1w"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Apache Tika PDF parser module: XXE vulnerability in PDFParser\u0027s handling of XFA",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f0158376-9dc2-43b6-827c-5f631a4d8d09",
"assignerShortName": "apache",
"cveId": "CVE-2025-54988",
"datePublished": "2025-08-20T20:08:49.481Z",
"dateReserved": "2025-08-04T16:04:26.626Z",
"dateUpdated": "2026-02-26T17:48:22.169Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2025-54988",
"date": "2026-06-17",
"epss": "0.02962",
"percentile": "0.85429"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2025-54988\",\"sourceIdentifier\":\"security@apache.org\",\"published\":\"2025-08-20T20:15:33.070\",\"lastModified\":\"2025-11-04T22:16:29.870\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.\\n\\nUsers are recommended to upgrade to version 3.2.2, which fixes this issue.\"},{\"lang\":\"es\",\"value\":\"El error XXE cr\u00edtico en Apache Tika (tika-parser-pdf-module), presente en Apache Tika desde la versi\u00f3n 1.13 hasta la 3.2.1 (incluida), en todas las plataformas, permite a un atacante inyectar una entidad externa XML mediante un archivo XFA manipulado dentro de un PDF. Un atacante podr\u00eda leer datos confidenciales o activar solicitudes maliciosas a recursos internos o servidores de terceros. Tenga en cuenta que el m\u00f3dulo tika-parser-pdf-module se utiliza como dependencia en varios paquetes de Tika, incluyendo al menos: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc y tika-server-standard. Se recomienda actualizar a la versi\u00f3n 3.2.2, que soluciona este problema.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.4,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.5,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security@apache.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:apache:tika:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13\",\"versionEndExcluding\":\"3.2.2\",\"matchCriteriaId\":\"06E31452-81F9-4B50-A6E1-EE8FE3E148BD\"}]}]}],\"references\":[{\"url\":\"https://lists.apache.org/thread/8xn3rqy6kz5b3l1t83kcofkw0w4mmj1w\",\"source\":\"security@apache.org\",\"tags\":[\"Issue Tracking\",\"Mailing List\",\"Vendor Advisory\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/20/2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.openwall.com/lists/oss-security/2025/08/20/3\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2025/10/msg00030.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://lists.debian.org/debian-lts-announce/2025/10/msg00030.html\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/20/2\"}, {\"url\": \"http://www.openwall.com/lists/oss-security/2025/08/20/3\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2025-11-04T22:06:45.688Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-54988\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-01-22T04:55:48.643142Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-08-21T13:27:27.136Z\"}}], \"cna\": {\"title\": \"Apache Tika PDF parser module: XXE vulnerability in PDFParser\u0027s handling of XFA\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"Paras Jain and Yakov Shafranovich of Amazon.\"}], \"metrics\": [{\"other\": {\"type\": \"Textual description of severity\", \"content\": {\"text\": \"critical\"}}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.4, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Apache Software Foundation\", \"product\": \"Apache Tika PDF parser module\", \"versions\": [{\"status\": \"affected\", \"version\": \"1.13\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"3.2.1\"}], \"packageName\": \"org.apache.tika:tika-parser-pdf-module\", \"collectionURL\": \"https://repo.maven.apache.org/maven2\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://lists.apache.org/thread/8xn3rqy6kz5b3l1t83kcofkw0w4mmj1w\", \"tags\": [\"vendor-advisory\"]}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.\\n\\nUsers are recommended to upgrade to version 3.2.2, which fixes this issue.\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"Critical XXE in Apache Tika (tika-parser-pdf-module) in Apache Tika 1.13 through and including 3.2.1 on all platforms allows an attacker to carry out XML External Entity injection via a crafted XFA file inside of a PDF. An attacker may be able to read sensitive data or trigger malicious requests to internal resources or third-party servers. Note that the tika-parser-pdf-module is used as a dependency in several Tika packages including at least: tika-parsers-standard-modules, tika-parsers-standard-package, tika-app, tika-grpc and tika-server-standard.\u003cbr\u003e\u003cbr\u003eUsers are recommended to upgrade to version 3.2.2, which fixes this issue.\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-611\", \"description\": \"CWE-611 Improper Restriction of XML External Entity Reference\"}]}], \"providerMetadata\": {\"orgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"shortName\": \"apache\", \"dateUpdated\": \"2025-09-02T12:34:45.683Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-54988\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-02-26T17:48:22.169Z\", \"dateReserved\": \"2025-08-04T16:04:26.626Z\", \"assignerOrgId\": \"f0158376-9dc2-43b6-827c-5f631a4d8d09\", \"datePublished\": \"2025-08-20T20:08:49.481Z\", \"assignerShortName\": \"apache\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
}
}
WID-SEC-W-2025-1883
Vulnerability from csaf_certbund - Published: 2025-08-20 22:00 - Updated: 2026-05-27 22:00Summary
Apache Tika: Schwachstelle ermöglicht Infogewinn oder Manipulation
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das Apache Tika-Toolkit erkennt und extrahiert Metadaten und Text aus vielen verschiedenen Dateitypen.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tika ausnutzen, um sensible Daten auszulesen oder bösartige Anfragen an interne Ressourcen oder Server von Drittanbietern auszulösen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HCL Domino 14
HCL / Domino
|
cpe:/a:hcltech:domino:14
|
14 | |
|
Atlassian Bamboo <9.6.20 (LTS)
Atlassian / Bamboo
|
<9.6.20 (LTS) | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bamboo <10.2.12 (LTS)
Atlassian / Bamboo
|
<10.2.12 (LTS) | ||
|
Atlassian Bamboo <12.0.2
Atlassian / Bamboo
|
<12.0.2 | ||
|
IBM SPSS Analytic Server
IBM / SPSS
|
cpe:/a:ibm:spss:analytic_server
|
Analytic Server | |
|
HCL Domino 12
HCL / Domino
|
cpe:/a:hcltech:domino:12
|
12 | |
|
Pega Platform 7.x - 22.2.2
Pega / Platform
|
cpe:/a:pega:platform:7.x-22.2.2
|
7.x - 22.2.2 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
Apache Tika <3.2.2
Apache / Tika
|
<3.2.2 | ||
|
IBM SPSS Modeler
IBM / SPSS
|
cpe:/a:ibm:spss:modeler
|
Modeler | |
|
HCL Domino 14.5
HCL / Domino
|
cpe:/a:hcltech:domino:14.5
|
14.5 | |
|
Open Source Elasticsearch <8.19.3
Open Source / Elasticsearch
|
<8.19.3 | ||
|
Apache Tika tika-parsers <2.0.0
Apache / Tika
|
tika-parsers <2.0.0 | ||
|
Apache Tika tika-parser-pdf-module <3.2.2
Apache / Tika
|
tika-parser-pdf-module <3.2.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
HCL Commerce <9.1.19
HCL / Commerce
|
<9.1.19 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Adobe ColdFusion 2023 <Update 18
Adobe / ColdFusion
|
2023 <Update 18 | ||
|
Adobe ColdFusion 2025 <Update 6
Adobe / ColdFusion
|
2025 <Update 6 | ||
|
Open Source Elasticsearch <8.18.6
Open Source / Elasticsearch
|
<8.18.6 | ||
|
Open Source Elasticsearch <9.0.6
Open Source / Elasticsearch
|
<9.0.6 | ||
|
Open Source Elasticsearch <9.1.3
Open Source / Elasticsearch
|
<9.1.3 |
Affected products
Known affected
23 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
HCL Domino 14
HCL / Domino
|
cpe:/a:hcltech:domino:14
|
14 | |
|
Atlassian Bamboo <9.6.20 (LTS)
Atlassian / Bamboo
|
<9.6.20 (LTS) | ||
|
Red Hat Enterprise Linux
Red Hat
|
cpe:/o:redhat:enterprise_linux:-
|
— | |
|
Atlassian Bamboo <10.2.12 (LTS)
Atlassian / Bamboo
|
<10.2.12 (LTS) | ||
|
Atlassian Bamboo <12.0.2
Atlassian / Bamboo
|
<12.0.2 | ||
|
IBM SPSS Analytic Server
IBM / SPSS
|
cpe:/a:ibm:spss:analytic_server
|
Analytic Server | |
|
HCL Domino 12
HCL / Domino
|
cpe:/a:hcltech:domino:12
|
12 | |
|
Pega Platform 7.x - 22.2.2
Pega / Platform
|
cpe:/a:pega:platform:7.x-22.2.2
|
7.x - 22.2.2 | |
|
IBM InfoSphere Information Server
IBM
|
cpe:/a:ibm:infosphere_information_server:-
|
— | |
|
Apache Tika <3.2.2
Apache / Tika
|
<3.2.2 | ||
|
IBM SPSS Modeler
IBM / SPSS
|
cpe:/a:ibm:spss:modeler
|
Modeler | |
|
HCL Domino 14.5
HCL / Domino
|
cpe:/a:hcltech:domino:14.5
|
14.5 | |
|
Open Source Elasticsearch <8.19.3
Open Source / Elasticsearch
|
<8.19.3 | ||
|
Apache Tika tika-parsers <2.0.0
Apache / Tika
|
tika-parsers <2.0.0 | ||
|
Apache Tika tika-parser-pdf-module <3.2.2
Apache / Tika
|
tika-parser-pdf-module <3.2.2 | ||
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
HCL Commerce <9.1.19
HCL / Commerce
|
<9.1.19 | ||
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
Adobe ColdFusion 2023 <Update 18
Adobe / ColdFusion
|
2023 <Update 18 | ||
|
Adobe ColdFusion 2025 <Update 6
Adobe / ColdFusion
|
2025 <Update 6 | ||
|
Open Source Elasticsearch <8.18.6
Open Source / Elasticsearch
|
<8.18.6 | ||
|
Open Source Elasticsearch <9.0.6
Open Source / Elasticsearch
|
<9.0.6 | ||
|
Open Source Elasticsearch <9.1.3
Open Source / Elasticsearch
|
<9.1.3 |
References
22 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das Apache Tika-Toolkit erkennt und extrahiert Metadaten und Text aus vielen verschiedenen Dateitypen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Apache Tika ausnutzen, um sensible Daten auszulesen oder b\u00f6sartige Anfragen an interne Ressourcen oder Server von Drittanbietern auszul\u00f6sen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1883 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1883.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1883 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1883"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23225 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23225"
},
{
"category": "external",
"summary": "Apache Tika Mailing List vom 2025-08-20",
"url": "https://lists.apache.org/thread/8xn3rqy6kz5b3l1t83kcofkw0w4mmj1w"
},
{
"category": "external",
"summary": "Apache Tika Security vom 2025-08-20",
"url": "https://tika.apache.org/security.html"
},
{
"category": "external",
"summary": "Red Hat Bugtracker #2389910 vom 2025-08-20",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2389910"
},
{
"category": "external",
"summary": "Elastic Security Announcement ESA-2025-15 vom 2025-08-28",
"url": "https://discuss.elastic.co/t/enterprise-search-8-18-6-8-19-3-security-update-esa-2025-15-cve-2025-54988/381428"
},
{
"category": "external",
"summary": "Elastic Security Announcement ESA-2025-14 vom 2025-08-28",
"url": "https://discuss.elastic.co/t/elasticsearch-8-18-6-8-19-3-9-0-6-and-9-1-3-security-update-esa-2025-14-cve-2025-54988/381427"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-09-19",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124164"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4350 vom 2025-10-26",
"url": "https://lists.debian.org/debian-lts-announce/2025/10/msg00030.html"
},
{
"category": "external",
"summary": "GitHub Advisory Database vom 2025-12-04",
"url": "https://github.com/advisories/GHSA-f58c-gq56-vjjf"
},
{
"category": "external",
"summary": "PoC auf GitHub vom 2025-12-11",
"url": "https://github.com/chasingimpact/CVE-2025-66516-Writeup-POC"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23143 vom 2025-12-11",
"url": "https://access.redhat.com/errata/RHSA-2025:23143"
},
{
"category": "external",
"summary": "Atlassian Security Advisory",
"url": "https://confluence.atlassian.com/security/security-bulletin-december-11-2025-1689616574.html"
},
{
"category": "external",
"summary": "Adobe Security Bulletin APSB26-12 vom 2026-01-14",
"url": "https://helpx.adobe.com/security/products/coldfusion/apsb26-12.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258072 vom 2026-01-27",
"url": "https://www.ibm.com/support/pages/node/7258072"
},
{
"category": "external",
"summary": "HCL Security Advisory vom 2026-01-30",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0128183"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7258241 vom 2026-02-03",
"url": "https://www.ibm.com/support/pages/node/7258241"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7260920 vom 2026-02-16",
"url": "https://www.ibm.com/support/pages/node/7260920"
},
{
"category": "external",
"summary": "Pega Security Advisory Apache Tika Vulnerability CVE-2025-54988 and CVE-2025-66516 - Remediation Note",
"url": "https://support.pega.com/support-doc/pega-security-advisory-apache-tika-vulnerability-cve-2025-54988-and-cve-2025-66516%C2%A0"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7269898 vom 2026-04-17",
"url": "https://www.ibm.com/support/pages/node/7269898"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-8324-1 vom 2026-05-27",
"url": "https://ubuntu.com/security/notices/USN-8324-1"
}
],
"source_lang": "en-US",
"title": "Apache Tika: Schwachstelle erm\u00f6glicht Infogewinn oder Manipulation",
"tracking": {
"current_release_date": "2026-05-27T22:00:00.000+00:00",
"generator": {
"date": "2026-05-28T07:26:13.614+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2025-1883",
"initial_release_date": "2025-08-20T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-08-20T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-08-21T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2025-25435"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Elastic aufgenommen"
},
{
"date": "2025-09-21T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2025-10-26T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-12-04T23:00:00.000+00:00",
"number": "6",
"summary": "CVE und Produkte erg\u00e4nzt,"
},
{
"date": "2025-12-11T23:00:00.000+00:00",
"number": "7",
"summary": "PoC aufgenommen"
},
{
"date": "2025-12-15T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-01-13T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Adobe aufgenommen"
},
{
"date": "2026-01-26T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-01-29T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2026-02-03T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-02-16T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-04-14T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-04-16T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2026-05-27T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu aufgenommen"
}
],
"status": "final",
"version": "16"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "2025 \u003cUpdate 6",
"product": {
"name": "Adobe ColdFusion 2025 \u003cUpdate 6",
"product_id": "T049937"
}
},
{
"category": "product_version",
"name": "2025 Update 6",
"product": {
"name": "Adobe ColdFusion 2025 Update 6",
"product_id": "T049937-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:adobe:coldfusion:2025__update_6"
}
}
},
{
"category": "product_version_range",
"name": "2023 \u003cUpdate 18",
"product": {
"name": "Adobe ColdFusion 2023 \u003cUpdate 18",
"product_id": "T049938"
}
},
{
"category": "product_version",
"name": "2023 Update 18",
"product": {
"name": "Adobe ColdFusion 2023 Update 18",
"product_id": "T049938-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:adobe:coldfusion:2023__update_18"
}
}
}
],
"category": "product_name",
"name": "ColdFusion"
}
],
"category": "vendor",
"name": "Adobe"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c3.2.2",
"product": {
"name": "Apache Tika \u003c3.2.2",
"product_id": "T046404"
}
},
{
"category": "product_version",
"name": "3.2.2",
"product": {
"name": "Apache Tika 3.2.2",
"product_id": "T046404-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tika:3.2.2"
}
}
},
{
"category": "product_version_range",
"name": "tika-parser-pdf-module \u003c3.2.2",
"product": {
"name": "Apache Tika tika-parser-pdf-module \u003c3.2.2",
"product_id": "T049108"
}
},
{
"category": "product_version",
"name": "tika-parser-pdf-module 3.2.2",
"product": {
"name": "Apache Tika tika-parser-pdf-module 3.2.2",
"product_id": "T049108-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tika:tika-parser-pdf-module__3.2.2"
}
}
},
{
"category": "product_version_range",
"name": "tika-parsers \u003c2.0.0",
"product": {
"name": "Apache Tika tika-parsers \u003c2.0.0",
"product_id": "T049109"
}
},
{
"category": "product_version",
"name": "tika-parsers 2.0.0",
"product": {
"name": "Apache Tika tika-parsers 2.0.0",
"product_id": "T049109-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:apache:tika:tika-parsers___2.0.0"
}
}
}
],
"category": "product_name",
"name": "Tika"
}
],
"category": "vendor",
"name": "Apache"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.0.2",
"product": {
"name": "Atlassian Bamboo \u003c12.0.2",
"product_id": "T049361"
}
},
{
"category": "product_version",
"name": "12.0.2",
"product": {
"name": "Atlassian Bamboo 12.0.2",
"product_id": "T049361-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:12.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.12 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c10.2.12 (LTS)",
"product_id": "T049362"
}
},
{
"category": "product_version",
"name": "10.2.12 (LTS)",
"product": {
"name": "Atlassian Bamboo 10.2.12 (LTS)",
"product_id": "T049362-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.12_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.20 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c9.6.20 (LTS)",
"product_id": "T049363"
}
},
{
"category": "product_version",
"name": "9.6.20 (LTS)",
"product": {
"name": "Atlassian Bamboo 9.6.20 (LTS)",
"product_id": "T049363-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.20_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.1.19",
"product": {
"name": "HCL Commerce \u003c9.1.19",
"product_id": "T050425"
}
},
{
"category": "product_version",
"name": "9.1.19",
"product": {
"name": "HCL Commerce 9.1.19",
"product_id": "T050425-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:hcltechsw:commerce:9.1.19"
}
}
}
],
"category": "product_name",
"name": "Commerce"
},
{
"branches": [
{
"category": "product_version",
"name": "14",
"product": {
"name": "HCL Domino 14",
"product_id": "T033028",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:domino:14"
}
}
},
{
"category": "product_version",
"name": "12",
"product": {
"name": "HCL Domino 12",
"product_id": "T038610",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:domino:12"
}
}
},
{
"category": "product_version",
"name": "14.5",
"product": {
"name": "HCL Domino 14.5",
"product_id": "T045951",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:domino:14.5"
}
}
}
],
"category": "product_name",
"name": "Domino"
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM InfoSphere Information Server",
"product": {
"name": "IBM InfoSphere Information Server",
"product_id": "T019995",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Analytic Server",
"product": {
"name": "IBM SPSS Analytic Server",
"product_id": "T011787",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:analytic_server"
}
}
},
{
"category": "product_version",
"name": "Modeler",
"product": {
"name": "IBM SPSS Modeler",
"product_id": "T018587",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:modeler"
}
}
}
],
"category": "product_name",
"name": "SPSS"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.18.6",
"product": {
"name": "Open Source Elasticsearch \u003c8.18.6",
"product_id": "T046588"
}
},
{
"category": "product_version",
"name": "8.18.6",
"product": {
"name": "Open Source Elasticsearch 8.18.6",
"product_id": "T046588-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:elasticsearch:8.18.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.3",
"product": {
"name": "Open Source Elasticsearch \u003c8.19.3",
"product_id": "T046589"
}
},
{
"category": "product_version",
"name": "8.19.3",
"product": {
"name": "Open Source Elasticsearch 8.19.3",
"product_id": "T046589-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:elasticsearch:8.19.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.0.6",
"product": {
"name": "Open Source Elasticsearch \u003c9.0.6",
"product_id": "T046596"
}
},
{
"category": "product_version",
"name": "9.0.6",
"product": {
"name": "Open Source Elasticsearch 9.0.6",
"product_id": "T046596-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:elasticsearch:9.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.3",
"product": {
"name": "Open Source Elasticsearch \u003c9.1.3",
"product_id": "T046597"
}
},
{
"category": "product_version",
"name": "9.1.3",
"product": {
"name": "Open Source Elasticsearch 9.1.3",
"product_id": "T046597-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:elasticsearch:elasticsearch:9.1.3"
}
}
}
],
"category": "product_name",
"name": "Elasticsearch"
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "7.x\u202f-\u202f22.2.2\u202f",
"product": {
"name": "Pega Platform 7.x\u202f-\u202f22.2.2\u202f",
"product_id": "T052752",
"product_identification_helper": {
"cpe": "cpe:/a:pega:platform:7.x-22.2.2"
}
}
}
],
"category": "product_name",
"name": "Platform"
}
],
"category": "vendor",
"name": "Pega"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-54988",
"product_status": {
"known_affected": [
"T033028",
"T049363",
"67646",
"T049362",
"T049361",
"T011787",
"T038610",
"T052752",
"T019995",
"T046404",
"T018587",
"T045951",
"T046589",
"T049109",
"T049108",
"2951",
"T050425",
"T000126",
"T049938",
"T049937",
"T046588",
"T046596",
"T046597"
]
},
"release_date": "2025-08-20T22:00:00.000+00:00",
"title": "CVE-2025-54988"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T033028",
"T049363",
"67646",
"T049362",
"T049361",
"T011787",
"T038610",
"T052752",
"T019995",
"T046404",
"T018587",
"T045951",
"T046589",
"T049109",
"T049108",
"2951",
"T050425",
"T000126",
"T049938",
"T049937",
"T046588",
"T046596",
"T046597"
]
},
"release_date": "2025-08-20T22:00:00.000+00:00",
"title": "CVE-2025-66516"
}
]
}
WID-SEC-W-2026-0162
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-01-20 23:00Summary
Oracle Fusion Middleware: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Oracle Fusion Middleware bündelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.
Angriff: Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme: - Linux
- UNIX
- Windows
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
Affected products
Known affected
7 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Oracle Fusion Middleware 14.1.2.1.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.1.0
|
14.1.2.1.0 | |
|
Oracle Fusion Middleware 8.5.8
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.8
|
8.5.8 | |
|
Oracle Fusion Middleware 14.1.2.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.2.0.0
|
14.1.2.0.0 | |
|
Oracle Fusion Middleware 12.2.1.4.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:12.2.1.4.0
|
12.2.1.4.0 | |
|
Oracle Fusion Middleware 15.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:15.1.1.0.0
|
15.1.1.0.0 | |
|
Oracle Fusion Middleware 8.5.7
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:8.5.7
|
8.5.7 | |
|
Oracle Fusion Middleware 14.1.1.0.0
Oracle / Fusion Middleware
|
cpe:/a:oracle:fusion_middleware:14.1.1.0.0
|
14.1.1.0.0 |
References
3 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Fusion Middleware b\u00fcndelt mehrere Produkte zur Erstellung, Betrieb und Management von intelligenten Business Anwendungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Fusion Middleware ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0162 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0162.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0162 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0162"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - January 2026 - Appendix Oracle Fusion Middleware vom 2026-01-20",
"url": "https://www.oracle.com/security-alerts/cpujan2026.html#AppendixFMW"
}
],
"source_lang": "en-US",
"title": "Oracle Fusion Middleware: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-01-20T23:00:00.000+00:00",
"generator": {
"date": "2026-01-21T08:54:09.162+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0162",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "12.2.1.4.0",
"product": {
"name": "Oracle Fusion Middleware 12.2.1.4.0",
"product_id": "751674",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:12.2.1.4.0"
}
}
},
{
"category": "product_version",
"name": "14.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.1.0.0",
"product_id": "829576",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.1.0.0"
}
}
},
{
"category": "product_version",
"name": "8.5.7",
"product": {
"name": "Oracle Fusion Middleware 8.5.7",
"product_id": "T034057",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.7"
}
}
},
{
"category": "product_version",
"name": "14.1.2.0.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.2.0.0",
"product_id": "T040467",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.2.0.0"
}
}
},
{
"category": "product_version",
"name": "14.1.2.1.0",
"product": {
"name": "Oracle Fusion Middleware 14.1.2.1.0",
"product_id": "T047913",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:14.1.2.1.0"
}
}
},
{
"category": "product_version",
"name": "8.5.8",
"product": {
"name": "Oracle Fusion Middleware 8.5.8",
"product_id": "T047914",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:8.5.8"
}
}
},
{
"category": "product_version",
"name": "15.1.1.0.0",
"product": {
"name": "Oracle Fusion Middleware 15.1.1.0.0",
"product_id": "T050142",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:fusion_middleware:15.1.1.0.0"
}
}
}
],
"category": "product_name",
"name": "Fusion Middleware"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-45105",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2021-45105"
},
{
"cve": "CVE-2022-41342",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-41342"
},
{
"cve": "CVE-2024-13009",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-13009"
},
{
"cve": "CVE-2024-42516",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-42516"
},
{
"cve": "CVE-2024-43204",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-43204"
},
{
"cve": "CVE-2024-47252",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-47252"
},
{
"cve": "CVE-2024-47554",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-47554"
},
{
"cve": "CVE-2024-56406",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-56406"
},
{
"cve": "CVE-2025-12383",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-12383"
},
{
"cve": "CVE-2025-23048",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-23048"
},
{
"cve": "CVE-2025-26333",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-26333"
},
{
"cve": "CVE-2025-31672",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-31672"
},
{
"cve": "CVE-2025-41248",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41248"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-43967",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-43967"
},
{
"cve": "CVE-2025-48924",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48924"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-4949",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-4949"
},
{
"cve": "CVE-2025-49796",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-49796"
},
{
"cve": "CVE-2025-5115",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-5115"
},
{
"cve": "CVE-2025-53864",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-53864"
},
{
"cve": "CVE-2025-54571",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54571"
},
{
"cve": "CVE-2025-54874",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54874"
},
{
"cve": "CVE-2025-54988",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54988"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-59375",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-59375"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2026-21962",
"product_status": {
"known_affected": [
"T047913",
"T047914",
"T040467",
"751674",
"T050142",
"T034057",
"829576"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21962"
}
]
}
WID-SEC-W-2026-0177
Vulnerability from csaf_certbund - Published: 2026-01-20 23:00 - Updated: 2026-03-18 23:00Summary
Atlassian Bamboo, Bitbucket, Confluence und Jira: Mehrere Schwachstellen
Severity
Hoch
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.
Bitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.
Confluence ist eine kommerzielle Wiki-Software.
Jira ist eine Webanwendung zur Softwareentwicklung.
Angriff: Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuführen, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuführen, und um einen Cross-Site Scripting Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- Sonstiges
- UNIX
- Windows
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
Affected products
Known affected
19 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Dell Data Protection Advisor <19.12
Dell / Data Protection Advisor
|
<19.12 | ||
|
Atlassian Jira Data Center <11.3.0
Atlassian / Jira
|
Data Center <11.3.0 | ||
|
Atlassian Bamboo <10.2.16 (LTS)
Atlassian / Bamboo
|
<10.2.16 (LTS) | ||
|
Atlassian Confluence Data Center <9.2.13
Atlassian / Confluence
|
Data Center <9.2.13 | ||
|
Atlassian Bamboo <9.6.24 (LTS)
Atlassian / Bamboo
|
<9.6.24 (LTS) | ||
|
Atlassian Jira Data Center <10.3.16
Atlassian / Jira
|
Data Center <10.3.16 | ||
|
Atlassian Jira Data Center <11.2.1
Atlassian / Jira
|
Data Center <11.2.1 | ||
|
Atlassian Bamboo <12.1.3 (LTS)
Atlassian / Bamboo
|
<12.1.3 (LTS) | ||
|
Atlassian Bitbucket Data Center <9.4.15
Atlassian / Bitbucket
|
Data Center <9.4.15 | ||
|
Atlassian Bitbucket Data Center <10.1.1
Atlassian / Bitbucket
|
Data Center <10.1.1 | ||
|
Atlassian Confluence Data Center <10.2.2
Atlassian / Confluence
|
Data Center <10.2.2 | ||
|
Atlassian Bitbucket Data Center <8.19.26
Atlassian / Bitbucket
|
Data Center <8.19.26 | ||
|
Atlassian Bamboo Data Center <10.2.13
Atlassian / Bamboo
|
Data Center <10.2.13 | ||
|
Atlassian Bitbucket <9.4.17 to 9.4.18
Atlassian / Bitbucket
|
<9.4.17 to 9.4.18 | ||
|
Atlassian Bamboo Data Center <12.0.2
Atlassian / Bamboo
|
Data Center <12.0.2 | ||
|
Atlassian Jira <9.12.26
Atlassian / Jira
|
<9.12.26 | ||
|
Atlassian Bitbucket <10.1.5
Atlassian / Bitbucket
|
<10.1.5 | ||
|
Atlassian Bamboo Data Center <9.6.21
Atlassian / Bamboo
|
Data Center <9.6.21 | ||
|
Atlassian Bitbucket <10.2.0 to 10.2.1
Atlassian / Bitbucket
|
<10.2.0 to 10.2.1 |
References
5 references
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Bamboo ist ein Werkzeug zur kontinuierlichen Integration und Bereitstellung, das automatisierte Builds, Tests und Freigaben in einem einzigen Arbeitsablauf verbindet.\r\nBitbucket ist ein Git-Server zur Sourcecode-Versionskontrolle.\r\nConfluence ist eine kommerzielle Wiki-Software.\r\nJira ist eine Webanwendung zur Softwareentwicklung.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Atlassian Bamboo, Atlassian Bitbucket, Atlassian Confluence und Atlassian Jira ausnutzen, um beliebigen Programmcode auszuf\u00fchren, um Sicherheitsvorkehrungen zu umgehen, um einen Denial of Service Angriff durchzuf\u00fchren, und um einen Cross-Site Scripting Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-0177 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0177.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-0177 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0177"
},
{
"category": "external",
"summary": "Atlassian Support Security Bulletin vom 2026-01-20",
"url": "https://confluence.atlassian.com/security/security-bulletin-january-20-2026-1712324819.html"
},
{
"category": "external",
"summary": "Deell Security Update",
"url": "https://www.dell.com/support/kbdoc/en-us/000281732/dsa-2025-075-security-update-for-dell-data-protection-advisor-for-multiple-component-vulnerabilities"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - March 17 2026",
"url": "https://confluence.atlassian.com/security/security-bulletin-march-17-2026-1721271371.html"
}
],
"source_lang": "en-US",
"title": "Atlassian Bamboo, Bitbucket, Confluence und Jira: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-03-18T23:00:00.000+00:00",
"generator": {
"date": "2026-03-19T09:58:07.378+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2026-0177",
"initial_release_date": "2026-01-20T23:00:00.000+00:00",
"revision_history": [
{
"date": "2026-01-20T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-01-25T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2026-01-28T23:00:00.000+00:00",
"number": "3",
"summary": "Referenz(en) aufgenommen: EUVD-2026-4913"
},
{
"date": "2026-03-17T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-03-18T23:00:00.000+00:00",
"number": "5",
"summary": "doppelte Eintragung bereinigt"
}
],
"status": "final",
"version": "5"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c12.0.2",
"product": {
"name": "Atlassian Bamboo Data Center \u003c12.0.2",
"product_id": "T050227"
}
},
{
"category": "product_version",
"name": "Data Center 12.0.2",
"product": {
"name": "Atlassian Bamboo Data Center 12.0.2",
"product_id": "T050227-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__12.0.2"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.13",
"product": {
"name": "Atlassian Bamboo Data Center \u003c10.2.13",
"product_id": "T050228"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.13",
"product": {
"name": "Atlassian Bamboo Data Center 10.2.13",
"product_id": "T050228-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__10.2.13"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.6.21",
"product": {
"name": "Atlassian Bamboo Data Center \u003c9.6.21",
"product_id": "T050229"
}
},
{
"category": "product_version",
"name": "Data Center 9.6.21",
"product": {
"name": "Atlassian Bamboo Data Center 9.6.21",
"product_id": "T050229-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:data_center__9.6.21"
}
}
},
{
"category": "product_version_range",
"name": "\u003c12.1.3 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c12.1.3 (LTS)",
"product_id": "T051830"
}
},
{
"category": "product_version",
"name": "12.1.3 (LTS)",
"product": {
"name": "Atlassian Bamboo 12.1.3 (LTS)",
"product_id": "T051830-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:12.1.3_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.16 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c10.2.16 (LTS)",
"product_id": "T051831"
}
},
{
"category": "product_version",
"name": "10.2.16 (LTS)",
"product": {
"name": "Atlassian Bamboo 10.2.16 (LTS)",
"product_id": "T051831-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:10.2.16_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.6.24 (LTS)",
"product": {
"name": "Atlassian Bamboo \u003c9.6.24 (LTS)",
"product_id": "T051832"
}
},
{
"category": "product_version",
"name": "9.6.24 (LTS)",
"product": {
"name": "Atlassian Bamboo 9.6.24 (LTS)",
"product_id": "T051832-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bamboo:9.6.24_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bamboo"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.1.1",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c10.1.1",
"product_id": "T050230"
}
},
{
"category": "product_version",
"name": "Data Center 10.1.1",
"product": {
"name": "Atlassian Bitbucket Data Center 10.1.1",
"product_id": "T050230-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.4.15",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c9.4.15",
"product_id": "T050231"
}
},
{
"category": "product_version",
"name": "Data Center 9.4.15",
"product": {
"name": "Atlassian Bitbucket Data Center 9.4.15",
"product_id": "T050231-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__9.4.15"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c8.19.26",
"product": {
"name": "Atlassian Bitbucket Data Center \u003c8.19.26",
"product_id": "T050232"
}
},
{
"category": "product_version",
"name": "Data Center 8.19.26",
"product": {
"name": "Atlassian Bitbucket Data Center 8.19.26",
"product_id": "T050232-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:data_center__8.19.26"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.1.5",
"product": {
"name": "Atlassian Bitbucket \u003c10.1.5",
"product_id": "T051833"
}
},
{
"category": "product_version",
"name": "10.1.5",
"product": {
"name": "Atlassian Bitbucket 10.1.5",
"product_id": "T051833-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.1.5"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.2.0 to 10.2.1",
"product": {
"name": "Atlassian Bitbucket \u003c10.2.0 to 10.2.1",
"product_id": "T051834"
}
},
{
"category": "product_version",
"name": "10.2.0 to 10.2.1",
"product": {
"name": "Atlassian Bitbucket 10.2.0 to 10.2.1",
"product_id": "T051834-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.2.0_to_10.2.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.17 to 9.4.18",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.17 to 9.4.18",
"product_id": "T051835"
}
},
{
"category": "product_version",
"name": "9.4.17 to 9.4.18",
"product": {
"name": "Atlassian Bitbucket 9.4.17 to 9.4.18",
"product_id": "T051835-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.17_to_9.4.18"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c10.2.2",
"product": {
"name": "Atlassian Confluence Data Center \u003c10.2.2",
"product_id": "T050233"
}
},
{
"category": "product_version",
"name": "Data Center 10.2.2",
"product": {
"name": "Atlassian Confluence Data Center 10.2.2",
"product_id": "T050233-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__10.2.2"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c9.2.13",
"product": {
"name": "Atlassian Confluence Data Center \u003c9.2.13",
"product_id": "T050234"
}
},
{
"category": "product_version",
"name": "Data Center 9.2.13",
"product": {
"name": "Atlassian Confluence Data Center 9.2.13",
"product_id": "T050234-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:data_center__9.2.13"
}
}
}
],
"category": "product_name",
"name": "Confluence"
},
{
"branches": [
{
"category": "product_version_range",
"name": "Data Center \u003c11.3.0",
"product": {
"name": "Atlassian Jira Data Center \u003c11.3.0",
"product_id": "T050235"
}
},
{
"category": "product_version",
"name": "Data Center 11.3.0",
"product": {
"name": "Atlassian Jira Data Center 11.3.0",
"product_id": "T050235-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.3.0"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c11.2.1",
"product": {
"name": "Atlassian Jira Data Center \u003c11.2.1",
"product_id": "T050236"
}
},
{
"category": "product_version",
"name": "Data Center 11.2.1",
"product": {
"name": "Atlassian Jira Data Center 11.2.1",
"product_id": "T050236-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__11.2.1"
}
}
},
{
"category": "product_version_range",
"name": "Data Center \u003c10.3.16",
"product": {
"name": "Atlassian Jira Data Center \u003c10.3.16",
"product_id": "T050237"
}
},
{
"category": "product_version",
"name": "Data Center 10.3.16",
"product": {
"name": "Atlassian Jira Data Center 10.3.16",
"product_id": "T050237-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:data_center__10.3.16"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.12.26",
"product": {
"name": "Atlassian Jira \u003c9.12.26",
"product_id": "T050238"
}
},
{
"category": "product_version",
"name": "9.12.26",
"product": {
"name": "Atlassian Jira 9.12.26",
"product_id": "T050238-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:jira:9.12.26"
}
}
}
],
"category": "product_name",
"name": "Jira"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c19.12",
"product": {
"name": "Dell Data Protection Advisor \u003c19.12",
"product_id": "T050283"
}
},
{
"category": "product_version",
"name": "19.12",
"product": {
"name": "Dell Data Protection Advisor 19.12",
"product_id": "T050283-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:19.12"
}
}
}
],
"category": "product_name",
"name": "Data Protection Advisor"
}
],
"category": "vendor",
"name": "Dell"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2021-3807",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2021-3807"
},
{
"cve": "CVE-2022-25883",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-25883"
},
{
"cve": "CVE-2022-45693",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2022-45693"
},
{
"cve": "CVE-2024-21538",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-21538"
},
{
"cve": "CVE-2024-38286",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-38286"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2024-45801"
},
{
"cve": "CVE-2025-12383",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-12383"
},
{
"cve": "CVE-2025-15284",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-15284"
},
{
"cve": "CVE-2025-27152",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-27152"
},
{
"cve": "CVE-2025-41249",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-41249"
},
{
"cve": "CVE-2025-48976",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48976"
},
{
"cve": "CVE-2025-48989",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-48989"
},
{
"cve": "CVE-2025-49146",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-49146"
},
{
"cve": "CVE-2025-52434",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-52434"
},
{
"cve": "CVE-2025-52999",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-52999"
},
{
"cve": "CVE-2025-53689",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-53689"
},
{
"cve": "CVE-2025-54988",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-54988"
},
{
"cve": "CVE-2025-55163",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55163"
},
{
"cve": "CVE-2025-55752",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-55752"
},
{
"cve": "CVE-2025-64775",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-64775"
},
{
"cve": "CVE-2025-66516",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-66516"
},
{
"cve": "CVE-2025-9287",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9287"
},
{
"cve": "CVE-2025-9288",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2025-9288"
},
{
"cve": "CVE-2026-21569",
"product_status": {
"known_affected": [
"T050283",
"T050235",
"T051831",
"T050234",
"T051832",
"T050237",
"T050236",
"T051830",
"T050231",
"T050230",
"T050233",
"T050232",
"T050228",
"T051835",
"T050227",
"T050238",
"T051833",
"T050229",
"T051834"
]
},
"release_date": "2026-01-20T23:00:00.000+00:00",
"title": "CVE-2026-21569"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…