Atlassian Connect Spring Boot

By the Year

In 2024 there have been 0 vulnerabilities in Atlassian Connect Spring Boot. Connect Spring Boot did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 2 7.65
2020 0 0.00
2019 0 0.00
2018 0 0.00

It may take a day or so for new Connect Spring Boot vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Atlassian Connect Spring Boot Security Vulnerabilities

Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and

CVE-2021-26077 8.8 - High - May 10, 2021

Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions 1.1.0 before 2.1.3 and versions 2.1.4 before 2.1.5 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

authentification

Broken Authentication in Atlassian Connect Spring Boot (ACSB)

CVE-2021-26074 6.5 - Medium - April 16, 2021

Broken Authentication in Atlassian Connect Spring Boot (ACSB) from version 1.1.0 before version 2.1.3: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring Boot app occurs with a server-to-server JWT or a context JWT. Atlassian Connect Spring Boot versions from version 1.1.0 before version 2.1.3 erroneously accept context JWTs in lifecycle endpoints (such as installation) where only server-to-server JWTs should be accepted, permitting an attacker to send authenticated re-installation events to an app.

authentification
