Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 9.3.0, 9.1.2, 8.2.8, 9.0.3, 8.0.13, 8.1.12, 9.2.3
Affects Version/s: 8.0.0, 9.0.0, 8.2.7, 9.2.1
Component/s: Security
Labels:
None

Support reference count:
4
Symptom Severity:
Severity 2 - Major

Problem

The Commons FileUpload library is affected by vulnerability CVE-2023-24998. This library is used by Tomcat and exported directly by Bamboo.

Environment

Bamboo 8+, 9+

Steps to Reproduce

Expected Results

Use commons-fileupload version >=1.5

Actual Results

Current Bamboo Releases use commons-fileupload version < 1.5

Workaround

Currently, there is no known workaround for this behaviour. A workaround will be added here when available.

Notes

mentioned in: Page Loading...; Page Loading...; Page Loading...

Assignee:: Alexey Chystoprudov
Reporter:: Vani
Votes:: 0 Vote for this issue
Watchers:: 4 Start watching this issue

Created:: 02/Mar/2023 2:12 AM
Updated:: 07/Apr/2025 5:56 PM
Resolved:: 28/Mar/2023 9:39 AM