Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-25720

Upgrade Tomcat to fix CVE-2024-23672 and CVE-2024-24549

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Fixed
    • Icon: Medium Medium
    • 9.6.1, 9.2.13, 9.5.3
    • 9.2.9
    • Security
    • None

      Issue Summary

      Apache Tomcat should be upgraded to  9.0.86 or a later version to fix

      CVE-2024-23672
      CVE-2024-24549

      Steps to Reproduce

      • Check the Apache Tomcat version on pom.xml or <bamboo-install>/bin/version.sh/bat

      Expected Results

      • Bamboo 9.x: apache-tomcat.9.0.86 and later

      Actual Results

      • Bamboo 9.x: apache-tomcat.9.0.83

      Workaround

      N/A

              achystoprudov Alexey Chystoprudov
              cberry@atlassian.com Chris Berry (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: