Vulnerabilities > Atlassian > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-25 | CVE-2019-3396 | Path Traversal vulnerability in Atlassian Confluence The Widget Connector macro in Atlassian Confluence Server before version 6.6.12 (the fixed version for 6.6.x), from version 6.7.0 before 6.12.3 (the fixed version for 6.12.x), from version 6.13.0 before 6.13.3 (the fixed version for 6.13.x), and from version 6.14.0 before 6.14.2 (the fixed version for 6.14.x), allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection. | 10.0 |
2019-03-08 | CVE-2018-20236 | Command Injection vulnerability in Atlassian Sourcetree There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. | 9.3 |
2019-03-08 | CVE-2018-20235 | Unspecified vulnerability in Atlassian Sourcetree There was an argument injection vulnerability in Atlassian Sourcetree for Windows from version 0.5a before version 3.0.15 via filenames in Mercurial repositories. | 9.0 |
2019-03-08 | CVE-2018-20234 | Argument Injection or Modification vulnerability in Atlassian Sourcetree There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. | 9.0 |
2018-11-05 | CVE-2018-13397 | Unspecified vulnerability in Atlassian Sourcetree There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. | 9.0 |
2018-11-05 | CVE-2018-13396 | Unspecified vulnerability in Atlassian Sourcetree There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. | 9.0 |
2018-03-29 | CVE-2018-5224 | Improper Input Validation vulnerability in Atlassian Bamboo Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. | 9.0 |
2018-01-26 | CVE-2017-14593 | Command Injection vulnerability in Atlassian Sourcetree Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. | 9.0 |
2018-01-26 | CVE-2017-14592 | Command Injection vulnerability in Atlassian Sourcetree Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. | 9.0 |
2017-12-13 | CVE-2017-14590 | Unspecified vulnerability in Atlassian Bamboo Bamboo did not check that the name of a branch in a Mercurial repository contained argument parameters. | 9.0 |