all InfoSec news
Atlassian fixes four critical RCE vulnerabilities, patch quickly!
Help Net Security www.helpnetsecurity.com
Atlassian has released security updates for four critical vulnerabilities (CVE-2023-1471, CVE-2023-22522, CVE-2023-22524, CVE-2023-22523) in its various offerings that could be exploited to execute arbitrary code. About the vulnerabilities CVE-2022-1471 is a deserialization flaw in the SnakeYAML library for Java that can lead to remote code execution (RCE). It affects Automation for Jira app (including Server Lite edition), Bitbucket Data Center, Bitbucket Server, Confluence Data Center, Confluence Server, Confluence Cloud, Migration App, Jira Core Data Center, … More
The post …
arbitrary code atlassian atlassian confluence automation bitbucket code code execution critical critical vulnerabilities cve deserialization don't miss exploited fixes flaw hot stuff java jira jira software library patch quickly rce remote code remote code execution security security update security updates updates vulnerabilities vulnerability