Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Low
Fix Version/s: 8.0.7, 8.2.2, 8.1.6
Affects Version/s: 8.0.0, 8.1.1, 8.2.0
Component/s: Security
Labels:
None

Symptom Severity:
Severity 1 - Critical
Bug Fix Policy:
View Atlassian Server bug fix policy

Description

Issue Summary

Spring dependency should be upgraded to 5.3.18+ to fix CVE-2022-22965 which is critical for JDK 11 environment

Steps to Reproduce

See dependencies at WEB-INF/lib

Expected Results

spring-beans 5.3.18+ is expected

Actual Results

spring-beans 5.3.10 is used

Workaround

Currently there is no known workaround for this behavior. A workaround will be added here when available

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...

Activity

People

Assignee:: Alexey Chystoprudov

Reporter:: Alexey Chystoprudov

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 20/May/2022 9:25 AM

Updated:: 11/Sep/2023 6:29 PM

Resolved:: 20/May/2022 9:25 AM