Loading...

XML

Word

Printable

Type: Public Security Vulnerability
Resolution: Fixed
Priority: Low
Fix Version/s: 8.13.25, 8.20.12, 8.22.2
Affects Version/s: 8.22.1
Component/s: None
Labels:

CVSS Score:
7
CVSS Severity:
High
CVE ID:
CVE-2022-21724

Affected versions of Atlassian Jira Server and Data Center used versions of the PostgresSQL JDBC driver that were vulnerable to CVE-2022-21724.

The affected versions of Atlassian Jira Server and Data Center are before version 8.22.2.

Affected versions:

version < 8.22.2

Fixed versions:

8.22.2 and above.
Backported LTS versions: 8.20.12 and 8.13.25

Workaround:

For version < 8.22.2: Upgrade driver manually, for example 42.2.25. User can delete existing PostgresSQL JDBC driver and place this 42.2.25 in same location that is within [JIRA_INSTALL_FOLDER]/lib folder.

mentioned in: Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...; Page Loading...

(8 mentioned in)

Assignee:: Unassigned
Reporter:: Security Metrics Bot
Votes:: 0 Vote for this issue
Watchers:: 22 Start watching this issue

Created:: 20/Apr/2022 8:14 PM
Updated:: 21/Dec/2022 1:38 PM
Resolved:: 27/Jul/2022 1:52 AM