Uploaded image for project: 'Jira Software Server and Data Center'
  1. Jira Software Server and Data Center
  2. JSWSERVER-21350

Tracking Resolution of Issue Described in FAQ for CVE-2022-22965

    XMLWordPrintable

Details

    Description

      This issue stands as a place holder to track the progress of resolving the issue described at FAQ for CVE-2022-22965.

      As part of normal security practice, we do not disclose security issues until they are fully resolved in our products so as to mitigate the risk to our customers. In this case the broader security concern was raised publicly by a third party, so broad stroke information about the issue is already available.

      We cannot disclose particular details of the issue, and the FAQ for CVE-2022-22965 remains the single source of truth. Once this issue is resolved, we will update this issue to point to the security disclosure issue with additional detail.

      UPDATE

      We’ve released these new versions with an upgraded version of Tomcat which also serves to mitigate this issue:

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              drohan Daniel R
              Votes:
              6 Vote for this issue
              Watchers:
              21 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: