Details
-
Bug
-
Resolution: Fixed
-
Low
-
4.2.3
-
Severity 3 - Minor
-
Description
The DiskFileItem class from the Apache Commons FileUpload library before version 1.3.3 was vulnerable to CVE-2016-1000031. Atlassian Crucible was using a vulnerable version of this library, although not the DiskFileItem class. Crucible has been updated to use the safe version of the Apache Commons FileUpload library.
Attachments
Issue Links
- relates to
-
FE-7164 Fisheye had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031
- Closed