Vulnerabilities > Atlassian > Jira Software Data Center > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-07-03 | CVE-2020-14172 | Deserialization of Untrusted Data vulnerability in Atlassian Jira and Jira Software Data Center This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented. | 9.8 |
| 2020-06-23 | CVE-2019-20409 | Injection vulnerability in Atlassian Jira Software Data Center The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were able to exploit a server side template injection vulnerability. | 9.8 |