Security News > 2022 > March > Atlassian flags Bitbucket and Confluence Data Center flaws

Atlassian flags Bitbucket and Confluence Data Center flaws
2022-03-25 15:45

Atlassian has demonstrated the interconnectedness of all things with a warning that some versions of Bitbucket Data Center and Confluence Data Center require patching courtesy of the Hazelcast Java deserialization vulnerability.

Hazelcast is an in-memory data grid and spreads data over the nodes of a cluster and is used for efficiency and performance via its in-memory tech.

The vulnerability affects products running as a cluster; the Server and Cloud versions of Bitbucket and Confluence are not affected.

Atlassian uses the technology in Bitbucket and Confluence Data Center, and has popped out an advisory to the effect that admins should update.

For Bitbucket Data Center, version 7.6.14 contains the fix.

The National Vulnerability Database published a warning in 2019.


News URL

https://go.theregister.com/feed/www.theregister.com/2022/03/25/atlassian_hazelcast/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Atlassian 58 3 259 104 46 412