Create
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Community resources
Community resources
Community resources
- Community
- Products
- Fisheye/Crucible
- Questions
- Is Crucible/Fisheye v4.8.13/4.8.14 vulnerable to CVE-2023-38545?
Is Crucible/Fisheye v4.8.13/4.8.14 vulnerable to CVE-2023-38545?
Our Tenable scan has flagged our recent upgrade to Crucible/Fisheye 4.8.13/4.8.14 for the version of libcurl contained within the x86_64-linux-gnu/libcurl-gnutls.so.4.7.0.
Docker container running on RHEL7.
Flagged file:
- /var/lib/docker/overlay2/xxxxx/diff/usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.7.0
- /var/lib/docker/overlay2/xxxxx/merged/usr/lib/x86_64-linux-gnu/libcurl-gnutls.so.4.7.0
- /var/lib/docker/overlay2/xxxxx/merged/usr/lib/x86_64-linux-gnu/libcurl.so.4.7.0
- /var/lib/docker/overlay2/xxxxx/diff/usr/lib/x86_64-linux-gnu/libcurl.so.4.7.0
It is recommended the libcurl version be upgraded from 7.81.0 to 8.4.0.
Is Crucible impacted by this CVE? Will there be an update to the latest image for this issue in the near future?
0 answers
DEPLOYMENT TYPE
SERVERVERSION
4.8.14TAGS
Atlassian Community Events
Copyright © 2025 Atlassian
