Uploaded image for project: 'Jira Data Center'
  1. Jira Data Center
  2. JRASERVER-75262

Upgrade Tomcat to address CVE-2022-42252

    XMLWordPrintable

Details

    • 0
    • We collect Jira feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

    Description

      If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to 9.0.67, 10.0.0-M1 to 10.0.26 or 10.1.0-M1 to 10.1.0 was configured to ignore invalid HTTP headers via setting rejectIllegalHeader to false.
      Jira 8.20 versions before 8.20.15 and 9.4 versions before 9.4.1 are potentially vulnerable and should be updated to latest version in branch.

      Attachments

        Issue Links

          is cloned from

          Suggestion - CONFSERVER-81074 Upgrade Tomcat to 9.0.68 or later to address CVE-2022-42252

          • Closed

          Activity

            People

              Unassigned Unassigned
              6444c12a624d Barbara Cavalcante
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated: