Security alert infographic: Jira logo with red path traversal arrows altering files, JVM process icon; protective shields for patches and upgrades, with "Update Your Jira" warning banner over a server setup.

Atlassian disclosed CVE-2025-22167, a high-severity path traversal flaw (CVSS 8.7) in Jira Software Data Center and Server, enabling authenticated attackers to modify files accessible to the Jira JVM process. This could compromise system integrity by altering critical files.

Affected versions include 9.12.0-9.12.27, 10.3.0-10.3.11, and 11.0.0-11.0.1. Atlassian has released patches, urging immediate upgrades to 9.12.28+, 10.3.12+, or 11.1.0+.
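To triage an inventory against these ranges, the following added example (not Atlassian's or this page's code) classifies Jira version strings using only the affected and fixed versions listed above. The hostnames and the `SAMPLE_INVENTORY` data are constructed for illustration; versions the advisory text does not mention are reported as `not-listed` rather than assumed safe.

```python
import re

# (first affected, last affected, first fixed) per release line, from the text above.
RANGES = [
    ((9, 12, 0), (9, 12, 27), (9, 12, 28)),
    ((10, 3, 0), (10, 3, 11), (10, 3, 12)),
    ((11, 0, 0), (11, 0, 1), (11, 1, 0)),
]

def parse_version(text):
    """Parse 'major.minor.patch' (suffixes such as '-m0001' are ignored)."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(g) for g in m.groups())

def classify(version_text):
    """Return (status, upgrade_target); status is affected, fixed or not-listed."""
    v = parse_version(version_text)
    for low, high, fixed in RANGES:
        if low <= v <= high:
            return "affected", ".".join(map(str, fixed))
        # Same maintenance line, at or above the first fixed release.
        if v[:2] == fixed[:2] and v >= fixed:
            return "fixed", None
    if v >= (11, 1, 0):
        return "fixed", None
    # Not named in the advisory text: check the vendor advisory before assuming safe.
    return "not-listed", None

def triage(inventory):
    """Map each host to its (status, upgrade_target); bad strings become 'unknown'."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = classify(version)
        except ValueError:
            report[host] = ("unknown", None)
    return report

# Constructed sample inventory (hypothetical hosts and versions).
SAMPLE_INVENTORY = {
    "jira-prod.example.internal": "9.12.27",
    "jira-stage.example.internal": "10.3.12",
    "jira-dev.example.internal": "11.0.1",
    "jira-legacy.example.internal": "9.4.5",
    "jira-lab.example.internal": "unknown-build",
}

if __name__ == "__main__":
    for host, (status, target) in sorted(triage(SAMPLE_INVENTORY).items()):
        print(f"{host:32} {status:10} {('upgrade to ' + target) if target else ''}")
```
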

Protect your systems: Apply updates promptly to prevent unauthorized modifications in multi-tenant environments.


NPAV offers a robust solution to combat cyber fraud. Protect yourself with our top-tier security product, Z Plus Security.