Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-71181

Jira server log throws Security framework of XStream not initialized, XStream is probably vulnerable.

    XMLWordPrintable

Details

    • 4
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      Problem Definition

      Jira server log throws "Security framework of XStream not initialized, XStream is probably vulnerable" message.

      Suggested Solution

      Set the permissions for the XStream library when it is initialized and do not rely on the defaults. An explicit call to addPermission() would no longer log the warning.

      Workaround

      There is no workaround.

      Attachments

        Issue Links

          is cloned from

          Suggestion - BAM-20913 Bamboo server log throws Security framework of XStream not initialized, XStream is probably vulnerable.

          • Closed

          Activity

            People

              Unassigned Unassigned
              rbaldasso Rodrigo Baldasso
              Votes:
              48 Vote for this issue
              Watchers:
              39 Start watching this issue

              Dates

                Created:
                Updated: