Vulnerabilities (CVE)

Filtered by vendor Atlassian Subscribe
Filtered by product Companion
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-4020 1 Atlassian 1 Companion 2024-11-21 6.5 MEDIUM 7.2 HIGH
The file downloading functionality in the Atlassian Companion App before version 1.0.0 allows remote attackers, who control a Confluence Server instance that the Companion App is connected to, execute arbitrary .exe files via a Protection Mechanism Failure.
CVE-2020-4019 1 Atlassian 1 Companion 2024-11-21 4.4 MEDIUM 7.8 HIGH
The file editing functionality in the Atlassian Companion App before version 1.0.0 allows local attackers to have the app run a different executable in place of the app's cmd.exe via a untrusted search path vulnerability.
CVE-2023-22524 2 Apple, Atlassian 2 Macos, Companion 2024-02-28 N/A 9.8 CRITICAL
Certain versions of the Atlassian Companion App for MacOS were affected by a remote code execution vulnerability. An attacker could utilize WebSockets to bypass Atlassian Companion’s blocklist and MacOS Gatekeeper to allow execution of code.