Uploaded image for project: 'Bamboo Data Center'
  1. Bamboo Data Center
  2. BAM-26044

Is bamboo vulnerable to CVE-2024-53677

XMLWordPrintable

    • Icon: Suggestion Suggestion
    • Resolution: Unresolved
    • None
    • Security
    • None

    • Our product teams collect and evaluate feedback from a number of different sources. To learn more about how we use customer feedback in the planning process, check out our new feature policy.

      See title.  My company's automatic vulnerability scanning has been flagging the following file in my download of Atlassian bamboo DC 10.2.1

      atlassian-bamboo\web-inf\lib\struts2-core-2.5.33-atlassian-1.jar

      https://www.herodevs.com/vulnerability-directory/cve-2024-53677

      The vulnerability is listed as critical, but I don't see any reference to it in any security bulletins put out by Atlassian.   Has bamboo been checked against this vulnerability?  Is there any possibility of updating the version to appease security scanners?

          Form Name

            [BAM-26044] Is bamboo vulnerable to CVE-2024-53677

            There are no comments yet on this issue.

              Unassigned Unassigned
              4a48af91eeab Warren Spencer
              Votes:
              2 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated: