Atlassian Product Security Update Advisory (CVE-2025-22157)

Overview

We have released security updates to fix vulnerabilities in Atlassian products. Users of affected products are advised to update to the latest version.

Affected Products

CVE-2025-22157

Jira Data Center and Server version: 10.5.0 or later and 10.5.1 or earlier
Jira Data Center and Server version: 10.4.0 or later and 10.4.1 or earlier
Jira Data Center and Server version: 10.3.0 or later and 10.3.4 (LTS) or earlier
Jira Data Center and Server version: 10.2.0 or later and 10.2.1 or earlier
Jira Data Center and Server version: 10.1.1 or later and 10.1.2 or earlier
Jira Data Center and Server version: 10.0.0 or later and 10.0.1 or earlier
Jira Data Center and Server version: 9.17.0 or later and 9.17.5 or earlier
Jira Data Center and Server version: 9.16.0 or later and 9.16.1 or earlier
Jira Data Center and Server version: 9.15.2
Jira Data Center and Server version: 9.14.0 or later and 9.14.1 or earlier
Jira Data Center and Server version: 9.13.0 or later and 9.13.1 or earlier
Jira Data Center and Server version: 9.12.0 or later and 9.12.19 (LTS) or earlier
Jira Data Center and Server version: 9.11.3

Jira Service Management Data Center and Server version: 10.5.0 or later and 10.5.1 or earlier
Jira Service Management Data Center and Server version: 10.4.0 or later and 10.4.1 or earlier
Jira Service Management Data Center and Server version: 10.3.0 or later and 10.3.4 (LTS) or earlier
Jira Service Management Data Center and Server version: 10.2.0 or later and 10.2.1 or earlier
Jira Service Management Data Center and Server version: 10.1.1 or later and 10.1.2 or earlier
Jira Service Management Data Center and Server version: 10.0.0 or later and 10.0.1 or earlier
Jira Service Management Data Center and Server version: 5.17.0 or later and 5.17.5 or earlier
Jira Service Management Data Center and Server version: 5.16.0 or later and 5.16.1 or earlier
Jira Service Management Data Center and Server version: 5.15.2
Jira Service Management Data Center and Server version: 5.14.0 or later and 5.14.1 or earlier
Jira Service Management Data Center and Server version: 5.13.0 or later and 5.13.1 or earlier
Jira Service Management Data Center and Server version: 5.12.0 or later and 5.12.19 (LTS) or earlier
Jira Service Management Data Center and Server version: 5.11.3

Resolved Vulnerabilities

Privilege escalation vulnerability in Jira Data Center and Server and Jira Service Management Data Center and Server (CVE-2025-22157)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Follow the instructions on the referenced sites to update to the latest patched version.

CVE-2025-22157

Jira Data Center version: 10.6.0
Jira Data Center version: 10.3.5 or later and 10.3.6 (LTS) or earlier (recommended)
Jira Data Center version: 9.12.22 or later and 9.12.23 (LTS) or earlier

Jira Server version: 9.12.22 or later and 9.12.23 (LTS) or earlier

Jira Service Management Data Center version: 10.6.0
Jira Service Management Data Center version: 10.3.5 or later and 10.3.6 (LTS) or earlier (recommended)
Jira Service Management Data Center version: 5.12.22 or later and 5.12.23 (LTS) or earlier

Jira Service Management Server version: 5.12.22 or later and 5.12.23 (LTS) or earlier

References

[1] Security Bulletin – May 20 2025
https://confluence.atlassian.com/security/security-bulletin-may-20-2025-1561365992.html