Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-32557

Security vulnerability in apache commons fileupload

    XMLWordPrintable

Details

    Description

      Apache commons-fileupload 1.3.1 was released this weekend with a fix for CVE-2014-0050, involving a DoS attack when using specially crafted multipart requests. We need to determine if Confluence is vulnerable, and if so, upgrade to this version of the library.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. JRASERVER-36938 Security vulnerability in apache commons fileupload

          • High - High priority issues
          • Closed

          Bug - A problem which impairs or prevents the functions of the product. BSERV-4362 Security vulnerability in apache commons fileupload

          • Low - Low priority issues
          • Closed
          Is related to

          BDEV-4448 Loading...

          Activity

            People

              drizzuto David Rizzuto
              richatkins Richard Atkins
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: