High-Severity Flaws Uncovered in Atlassian Products and ISC BIND Server


The Internet Systems Consortium (ISC) and Atlassian have disclosed a number of security holes affecting their products that might be used to cause a DoS or remotely execute code. The four serious issues were resolved in fresh versions that were released last month, according to the Australian software services firm.

A deserialization problem in the Google Gson package that affects Patch Management in Jira Service Management Data Center and Server is CVE-2022-25647 (CVSS score: 7.5). _x000D_CVE-2023-22512 (7.5 out of 10 for CVSS) - Confluence Data Center and Server DoS vulnerability. CVE-2023-22513 (8.5 CVSS) - A vulnerability in the server and data center of Bitbucket. _x000D_CVSS score for CVE-2023-28709 is 7.5. - Bamboo Data Center and Server are affected by a DoS vulnerability in Apache Tomcat server

Read More…