Atlassian security advisory (AV23-742)

From: Canadian Centre for Cyber Security

Serial number: AV23-742
Date: December 6, 2023

On December 5, 2023, Atlassian published security advisories to address vulnerabilities in multiple products. Included were critical updates for the following:

Confluence Data Center and Server – multiple versions
Atlassian Companion App for MacOS – versions prior to 2.0.0
Assets Discovery – multiple versions
SnakeYAML library – multiple versions

Exploitation of these vulnerabilities could result in execution of arbitrary code.

The Cyber Centre encourages users and administrators to review the provided web links and apply the necessary updates.

SnakeYAML library RCE Vulnerability In Multiple Products
RCE Vulnerability In Confluence Data Center and Confluence Server
RCE Vulnerability in Atlassian Companion App for MacOS
RCE Vulnerability in Assets Discovery
Atlassian December 2023 Security Advisories

Report a problem on this page

Date modified:: 2023-12-06

Language selection

Search

Atlassian security advisory (AV23-742)

Thank you for your help!