Atlassian Jira_data_center
80 CVEs affecting Atlassian Jira_data_center. Latest disclosed: 2025-10-22. Critical: 3, High: 13.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-26136 | Critical | 9.8 | 2022-07-20 | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impa… |
CVE-2022-0540 | Critical | 9.8 | 2022-04-20 | A vulnerability in Jira Seraph allows a remote, unauthenticated attacker to bypass authentication by sending a specially crafted HTTP request. This affects Atl… |
CVE-2020-36239 | Critical | 9.8 | 2021-07-29 | Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Ji… |
CVE-2025-22157 | High | 8.8 | 2025-05-20 | This High severity PrivEsc (Privilege Escalation) vulnerability was introduced in versions: 9.12.0, 10.3.0, 10.4.0, and 10.5.0 of Jira Core Data Center and Se… |
CVE-2024-21683 | High | 8.8 | 2024-05-21 | This High severity RCE (Remote Code Execution) vulnerability was introduced in version 5.2 of Confluence Data Center and Server. This RCE (Remote Code Executi… |
CVE-2022-26137 | High | 8.8 | 2022-07-20 | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application… |
CVE-2019-20419 | High | 7.8 | 2020-07-03 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat. The af… |
CVE-2021-39113 | High | 7.5 | 2021-08-30 | Affected versions of Atlassian Jira Server and Data Center allow anonymous remote attackers to continue to view cached content even after losing permissions, v… |
CVE-2020-14178 | High | 7.5 | 2020-09-01 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the… |
CVE-2020-14167 | High | 7.5 | 2020-07-01 | The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 befor… |
CVE-2019-20413 | High | 7.5 | 2020-06-29 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulner… |
CVE-2022-36799 | High | 7.2 | 2022-08-01 | This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of… |
CVE-2021-43944 | High | 7.2 | 2022-03-08 | This issue exists to document that a security improvement in the way that Jira Server and Data Center use templates has been implemented. Affected versions of… |
CVE-2021-43947 | High | 7.2 | 2022-01-06 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers with administrator privileges to execute arbitrary code via a Remote Code Exe… |
CVE-2021-39128 | High | 7.2 | 2021-09-16 | Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon allow remote attackers with JIRA Administrators access to exe… |
CVE-2019-15001 | High | 7.2 | 2019-09-19 | The Jira Importers Plugin in Atlassian Jira Server and Data Cente from version with 7.0.10 before 7.6.16, from 7.7.0 before 7.13.8, from 8.0.0 before 8.1.3, fr… |
CVE-2025-22167 | Medium | 6.5 | 2025-10-22 | This High severity Path Traversal (Arbitrary Write) vulnerability was introduced in versions: 9.12.0, 10.3.0 and remain present in 11.0.0 of Jira Software Data… |
CVE-2024-21685 | Medium | 6.5 | 2024-06-18 | This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information D… |
CVE-2022-26135 | Medium | 6.5 | 2022-06-30 | A vulnerability in Mobile Plugin for Jira Data Center and Server allows a remote, authenticated user (including a user who joined via the sign-up feature) to p… |
CVE-2021-43941 | Medium | 6.5 | 2022-02-15 | Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify several resources (including CsvFieldMappingsPage.jspa and Importer… |