Dear all,
currently our jira service desk is availavle over the world-wide-web.
Internal vulnerability scans showed that cve-2022-22970 / cve-2022-22971 is affected to the current installed JIRA SD 4.20.11 version.
/opt/atlassian/jira/atlassian-jira/WEB-INF/lib/spring-core-5.3.19.jar |
Is it anyhow planed to fix this issue?
Do you have any workaround?
Hi @Markus
Here is the suggestion where you can vote to get it fixed early --> https://jira.atlassian.com/browse/JSWSERVER-21486
Thanks,
Tushar
@Markus -
The last security alert issued in July 2022 by Atlassian was - https://confluence.atlassian.com/security/multiple-products-security-advisory-cve-2022-26136-cve-2022-26137-1141493031.html
You need to contact Atlassian Support directly to obtain the proper support and assistance (https://support.atlassian.com) on your cve references.
Best, Joseph Chung Yin
Jira/JSM Functional Lead, Global Infrastructure Applications Team
Viasat Inc.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.