I've recently migrated from Snyk Scan pipe to Bitbucket Dependency Scanner, but I'm running into an issue. I'm using script: - pipe: atlassian/bitbucket-dependency-scanner:0.5.0 variables: ...

• Bitbucket
• bitbucket
• bitbucket-cloud
• bitbucket-pipelines
• cloud
• cve
• +3 more tags...

Hi,   Is there a way to access code insight report generated after bitbucket dependency scan? I want to upload this insights report to artifact so that i can access in the next steps in the pi...

• Bitbucket
• bitbucket
• bitbucket-cloud
• bitbucket-pipelines
• cloud
• cve
• +3 more tags...

Specific error message: Status: Downloaded newer image for bitbucketpipelines/bitbucket-dependency-scanner:0.1.4 time="2024-11-19T16:21:25Z" level=error msg="error waiting for ...

• Bitbucket
• bitbucket
• bitbucket-cloud
• bitbucket-pipelines
• cloud
• cve
• +3 more tags...

...nalyzer (2 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished V...

• Bitbucket
• bitbucket
• bitbucket-cloud
• bitbucket-pipelines
• cloud
• cve
• +3 more tags...

while im using the pipe bitbucket dependency scanner its getting failed. 

• Bitbucket
• bitbucket
• bitbucket-cloud
• bitbucket-pipelines
• cloud
• cve
• +3 more tags...

...ffline file instead of Api key?   Can i download an deprecated version and use the import/assset/cve folder or maby can i spoof the api key from NVD and point to a json file?    

• Jira Service Management
• assets
• cve
• jira-service-desk-data-center
• jira-service-management
• jira-service-management-data-center
• +2 more tags...

I'd like to know if Atlassian was impacted by any of these: CVE-2023-46805 (Authentication Bypass) in the web component of Ivanti ICS CVE-2024-21887 (Command Injection) for Ivanti Connect S...

• Trust & Security
• cve
• jira-service-desk
• jira-software

Hi all I need to set up an nvd assets database. I'm using the cve import module, is there any possibility to use this solution ofline?  I saw that in a previus version there was a ofline-m...

• Jira Service Management
• assets
• cve
• jira-service-management
• jira-service-management-server
• nist
• +1 more tag...

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23529

• Trust & Security
• cve

Our security scanning software is complaining about Apache Commons Text within our Confluence installation. When will Atlassian be posting guidance/remediation on this issue?

• Confluence
• apache
• confluence
• confluence-server
• cve
• server

Does the reported vulnerability CVE-2022-36804 affect the confluence tool?

• Confluence
• confluence
• cve
• security

Hi, as i can see in https://confluence.atlassian.com/security/multiple-products-security-advisory-cve-2022-26136-cve-2022-26137-1141493031.html our used jira & confluence versions are l...

• Jira
• confluence
• cve
• jira-software
• jira-software-server
• server
• +1 more tag...

What action should cloud customers (Confluence) need to take to keep corporate information secure? Is there any corrective action that customers need to take?

• Confluence
• cloud
• confluence
• confluence-cloud
• cve
• cve-2022-26136
• +2 more tags...

Hi ,  We are using a vunelrable jira server edition. 8.19.X for  CVE-2022-26135 - Full-Read Server Side Request Forgery in Mobile Plugin for Jira Data Center and Server. But t...

• Jira
• cve
• jira
• jira-server
• server

Good Afternoon, I have remediated CVE-2022-26134 with the temporary workaround in our stage environment for now and wanted to verify before doing the same to prod.  Is there a script or a c...

• Confluence
• confluence
• confluence-server
• cve
• cve-2022-26134
• server

Hello, We are using version 8.20.1 as jira server. However, we received a vulnerability notice today. CVE-2020-14179 we've done the readings for the issue here. I couldn't find such an open number o...

• Jira
• cve
• jira-core
• security
• server

See: https://lists.apache.org/thread/6ckmjfb1k61dyzkto9vm2k5jvt4o7w7c Would be great to have an Atlassian response/FAQ page similar to this one.  

• Bitbucket
• bitbucket
• bitbucket-server
• cve
• server

Regarding the recently announced critical security advisory for CVE-2022-0540 regarding Authentication bypass in JIRA Server, is this still a critical vulnerability if the JIRA instance is confined t...

• Jira
• cve
• cve-2022-0540
• jira-core
• security
• server

Hello Support-Team We use all Atlassian Based apps (automation, TeamCalender, Insight, Portfolio ...) Can You explain me, what impact the https://tanzu.vmware.com/security/cve-2022-22965&n...

• Apps & Integrations
• atl-rvw
• atlassian-marketplace
• cve

Bear with me here, This article outlines the following summary: No Atlassian on-premises products are vulnerable to CVE-2021-44228. Some on-premises products utilise a Atlassian-maintained f...

• Confluence
• confluence
• confluence-server
• cve
• log4j
• server

Installed Version 7.17.4 Per https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html the m...

• Bitbucket
• bitbucket
• bitbucket-server
• cve
• cve-2021-44228
• server

Dear Sirs My customer has a Jira Server 7.2.2 installation. The log4j library version installed in is 1.2.16. Associated with this version there was two vulnerabilities CVE-2019-17571&n...

• Jira
• cve
• jira-software
• jira-software-server
• server

...ommunity.atlassian.com/t5/Jira-articles/CVE-2019-11581-Critical-Security-Advisory-for-Jira-Server-and/ba-p/1128241

• Confluence
• cloud
• confluence-cloud
• cve
• jira-cloud

is the severity based on the assumption that the service is accessible over the internet?  

• Jira
• cve
• cve-2021-42574
• jira
• jira-server
• server

We are running the following versions of Service Desk, Jira Software and Insight. Does the following advisory apply to us? Jira Service Management Security Advisory 2021-10-20 | Administering Jira a...

• Jira Service Management
• cve
• cve-2018-10054
• insight
• jira-service-management
• jira-service-management-server
• +2 more tags...