Workzone, Organizr and Reminders Security Advisory 07-12-2023
Atlassian has let us know about four fresh CVEs impacting their products – we’ll focus on Bitbucket Server/Data Center and how Workzone, Organizr and Reminders are affected.
TL;DR – 
Good news: None of our products are affected, if you follow the official Atlassian Security Advisory – Read on for more details.
Workzone, Organizr and Reminders are Bitbucket server / datacenter apps (plugins, add-ons) that re-use most of the Bitbucket host bundled libraries. If the version of the Bitbucket host ships with a vulnerable version for SnakeYaml then the app will use this version as well.
Atlassian recommends to upgrade the Bitbucket version to a safe version. Here is a guide on which safe Bitbucket version and which App version to use.
| Bitbucket 7 |  Workzone |  Organizr |  Reminders |
|---|---|---|---|
7.21.16 (LTS) | Latest Workzone 7.9.4 version | Latest Organizr 7.8.14 version | Latest Reminders 7.1.1 version |
Bitbucket 8 | |||
8.8.78.9.4 (LTS)8.10.4 8.11.3 8.12.1 8.13.08.14.08.15.0 (Data Center Only)8.16.0 (Data Center Only) | Latest Workzone 8.4.4 version | latest Organizr 8.0.10 version | Latest Reminders 8.0.0 version |
After upgrading to a safe Bitbucket host version, all apps will be safe again as well.
If you have any concerns or questions, please reach out to Izymes support here.
