Security News > 2023 > September > High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server

High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server
2023-09-22 08:00

Atlassian and the Internet Systems Consortium (ISC) have disclosed several security flaws impacting their products that could be exploited to achieve denial-of-service (DoS) and remote code execution. The Australian software services provider said that the four high-severity flaws were fixed in new versions shipped last month. This includes - CVE-2022-25647 (CVSS score: 7.5) - A deserialization


News URL

https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2022-05-01 CVE-2022-25647 Deserialization of Untrusted Data vulnerability in multiple products
The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.
network
low complexity
google debian netapp oracle CWE-502
7.5
7.5

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Atlassian 58 56 291 41 34 422
ISC 7 11 91 64 5 171