Loading...

XML

Word

Printable

Details

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.22.2, 8.20.12, 8.13.25
Affects Version/s: 8.22.1
Component/s: None
Labels:

CVSS Score:
7
CVSS Severity:
High
CVE ID:
CVE-2022-21724

Description

Affected versions of Atlassian Jira Server and Data Center used versions of the PostgresSQL JDBC driver that were vulnerable to CVE-2022-21724.

The affected versions of Atlassian Jira Server and Data Center are before version 8.22.2.

Affected versions:

version < 8.22.2

Fixed versions:

8.22.2 and above.
Backported LTS versions: 8.20.12 and 8.13.25

Workaround:

For version < 8.22.2: Upgrade driver manually, for example 42.2.25. User can delete existing PostgresSQL JDBC driver and place this 42.2.25 in same location that is within [JIRA_INSTALL_FOLDER]/lib folder.

Attachments

Issue Links

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(8 mentioned in)

Activity

People

Assignee:: Unassigned

Reporter:: Security Metrics Bot

Votes:: 0 Vote for this issue

Watchers:: 22 Start watching this issue

Dates

Created:: 20/Apr/2022 8:14 PM

Updated:: 21/Dec/2022 1:38 PM

Resolved:: 27/Jul/2022 1:52 AM