On 20 May 2025, Atlassian published security advisories addressing vulnerabilities in the following products:
• Bamboo Data Center and Server – multiple versions
• Confluence Data Center and Server – multiple versions
• Fisheye/Crucible – version 4.9.0
• Jira Data Center and Server – multiple versions
• Jira Service Management Data Center and Server – multiple versions
Security Bulletin
Product | Vulnerable versions | Patched versions | Description | CVE ID | CVSS |
Bamboo Data Center and Server | 11.0.0; 10.2.0 to 10.2.3 (LTS); 10.1.0 to 10.1.1; 10.0.0 to 10.0.3; 9.6.0 to 9.6.12 (LTS) | 11.0.1 Data Center Only; 10.2.4 (LTS) Data Center Only; 9.6.13 (LTS) Data Center Only | DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Bamboo Data Center and Server | CVE-2025-31650 | 7.5 |
Confluence Data Center and Server | 9.4.0; 9.3.1 to 9.3.2; 9.2.0 to 9.2.3 (LTS); 9.1.0 to 9.1.1; 9.0.1 to 9.0.3; 8.9.0 to 8.9.8; 8.8.0 to 8.8.1; 8.7.1 to 8.7.2; 8.6.0 to 8.6.2; 8.5.0 to 8.5.21 (LTS); 7.13.18 to 7.13.20 (LTS) | 9.4.1 Data Center Only; 9.2.4 (LTS) recommended, Data Center Only; 8.5.22 (LTS) | DoS (Denial of Service) com.thoughtworks.xstream:xstream Dependency in Confluence Data Center and Server | CVE-2024-47072 | 7.5 |
 | | | DoS (Denial of Service) org.apache.tomcat:tomcat-coyote Dependency in Confluence Data Center and Server | CVE-2025-31650 | 7.5 |
Fisheye/Crucible | 4.9.0 | 4.9.1 recommended | DoS (Denial of Service) net.minidev:json-smart Dependency in Crucible Data Center and Server | CVE-2024-57699 | 7.5 |
Jira Data Center and Server | 10.5.0 to 10.5.1; 10.4.0 to 10.4.1; 10.3.0 to 10.3.4 (LTS); 10.2.0 to 10.2.1; 10.1.1 to 10.1.2; 10.0.0 to 10.0.1; 9.17.0 to 9.17.5; 9.16.0 to 9.16.1; 9.15.2; 9.14.0 to 9.14.1; 9.13.0 to 9.13.1; 9.12.0 to 9.12.19 (LTS); 9.11.3 | 10.6.0 Data Center Only; 10.3.5 to 10.3.6 (LTS) recommended, Data Center Only; 9.12.22 to 9.12.23 (LTS) | DoS (Denial of Service) io.netty:netty-handler Dependency in Jira Software Data Center and Server | CVE-2025-24970 | 7.5 |
 | | | PrivEsc (Privilege Escalation) in Jira Core Data Center | CVE-2025-22157 | 7.2 |
Jira Service Management Data Center and Server | 10.5.0 to 10.5.1; 10.4.0 to 10.4.1; 10.3.0 to 10.3.4 (LTS); 10.2.0 to 10.2.1; 10.1.1 to 10.1.2; 10.0.0 to 10.0.1; 5.17.0 to 5.17.5; 5.16.0 to 5.16.1; 5.15.2; 5.14.0 to 5.14.1; 5.13.0 to 5.13.1; 5.12.0 to 5.12.19 (LTS); 5.11.3 | 10.6.0 Data Center Only; 10.3.5 to 10.3.6 (LTS) recommended, Data Center Only; 5.12.22 to 5.12.23 (LTS) | DoS (Denial of Service) io.netty:netty-handler Dependency in Jira Service Management Data Center and Server | CVE-2025-24970 | 7.5 |
 | | | PrivEsc (Privilege Escalation) in Jira Service Management Data Center | CVE-2025-22157 | 7.2 |