I saw a workaround using JQL Queries in this documentation, but it doesn't actually work. The security containers are very important to our devs knowing at a glance where to go to fix the vulnerability...
...canner doesn't. It generates a report only if it succeeds, but I want the pipeline to fail in case a vulnerability needs to be addressed. Can the code for the pipe be changed to something like ......
Hi I'm trying to build some simple automation to set the priority and due dates based on severity of the vulnerabilities. It appears that vulnerability values cannot be used in automation....
Hi, Is there a way to access code insight report generated after bitbucket dependency scan? I want to upload this insights report to artifact so that I can access in the next steps in the pi...
Specific error message: Status: Downloaded newer image for bitbucketpipelines/bitbucket-dependency-scanner:0.1.4 time="2024-11-19T16:21:25Z" level=error msg="error waiting for ...
...nalyzer (2 seconds) [INFO] Finished False Positive Analyzer (0 seconds) [INFO] Finished NVD CVE Analyzer (0 seconds) [INFO] Finished Sonatype OSS Index Analyzer (0 seconds) [INFO] Finished Vulnerability...
While I'm using the pipe bitbucket dependency scanner, it's failing.
Hello Dear All, I want to create Jira Automation Rule that would link many similar Vulnerabilities found (the same vulnerability types) into one Jira issue. If the jira issue is already c...
Hello, We have Snyk integration with for new vulnerabilities and already defined automation rule to create new ticket once new vulnerability is detected. BUT - I can't find how to show the link\ f...
...an you share if you have the same vulnerability ?
Hi All I have a vulnerable issue for Path Traversal, how can I fix this issue with on-premise environment (v7.6.13) [JSDSERVER-6589] URL path traversal allows information disclosure - CVE-2019...
Hello Support. I'm a security analyst and I work directly with vulnerabilities. According to your text, this vulnerability (CVE-2020-36239) only affects the products: Jira Data C...
I received an alert from a 3rd party security vendor who scans my environment indicating my company status page has a vulnerability "SQL injection may be possible" and tagged it as a high risk. N...
Hi Team, As per recent scan we found out that there are lot of places where Atlassian bundled plugins are using log4j 1.2.17 inside. We are using Jira Service Management 8.13. Any suggestions how ...
Hi Atlassian Support team, We followed the steps to check our Jira & Confluence Server to identify the Log4J vulnerability. However, we just found the files with WEB-INF/lib/log4j2-stacktrace-o...
I see stash-java-client-core latest version uses log4j 1.X. I am aware log4j 1.X is not vulnerable to the Zero Day vulnerability but still I prefer to upgrade to 2.17. Has anyone found h...
...ira Cross-Site Scripting Vulnerability(JRASERVER-71652) Atlassian Jira Server And Data Center Improper Authentication Vulnerability(JRASERVER-72029) Atlassian Jira Server And Data Center Privilege E...
I have a Confluence (Server) 10 Users: Starter License for which I see that the support expired on 27 Feb 2021. I have been hit by CVE-2021-26084 and updated to the latest version; now it ...
Hello, I've been reported the next Low vulnerability: "Open windows with normal hrefs with the tag target="_blank" can modify window.opener.location and replace the parent webpage with something e...
Around 2 months ago, we just recently upgraded to Jira version 8.9.0 and now we are getting some vulnerabilities on the said version. Here are the vulnerabilities that we have: - atlassian-jira-cve-...
Hi Guys, Do you guys know something about whitehat security csrf vulnerability, I am facing issue in deploying it getting "whitelabel error page : Invalid CSRF Token 'null' was found o...
During our security scan, we detected a version for Apache Tomcat in a verbose error page. Is there a configuration that can be modified to omit web application info - or disable verbose error pages...
Currently using JIRA Server v8.7.1 with Tomcat 8.5.42 embedded. Been directed by DoD to upgrade all Tomcat instances to 8.5.51 or better. So wondering if v8.8.0 solves this problem?
...erver and Jira Service Desk Data Center. Should I worry about this vulnerability issue? Is it affecting my products?
I am unsure if this is the right place to raise this question but I am increasingly curious about the rising number of software vulnerabilities being released in the last few months. Any insight int...