Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.

Publishing Policy

When a critical severity security vulnerability is discovered and resolved, we will inform customers through the following mechanisms:

  • We will post a security advisory on Security Advisories at the same time as releasing a fix for the vulnerability.
  • We will send an email copy of all critical security advisories to the technical contacts we have in our database. 

If you want to track non-critical severity security vulnerabilities, you need to monitor the issue trackers for the relevant products on, for example, for Xray for Jira Server and Data Center. Security issues are marked with security labels: security_vulnerability_critical, security_vulnerability_high, security_vulnerability_medium, security_vulnerability_low).

All security issues will be listed in the release notes of the release where they have been fixed, similar to other bugs. 


Children Display

List of Know Security Vulnerabilities for Xray

serverXpand IT Issue Tracker
jqlQueryproject = "Xray for Jira" and labels in (security_vulnerability_critical, security_vulnerability_high, security_vulnerability_medium, security_vulnerability_low) order by labels, created desc