A critical security vulnerability (CVE-2023-24998) was discovered in the Apache Commons FileUpload package < 1.5 .

Impact on Atlassian Products

So far there is no official statement from Atlassian for Confluence or Jira.

You may watch the following ticket: https://jira.atlassian.com/browse/CONFSERVER-82479

Impact on Seibert Media Products

We are still investigating if our apps use the affected Commons FileUpload classes. 

Seibert Media Linchpin apps from Atlassian's Marketplace

Data Center and Server Apps

  • Not affected. No action is required.

Cloud Apps

  • Not affected. No action is required.
Other Seibert Media apps including all joint venture apps

Data Center and Server Apps

  • (warning) We investigate the usage of the package

Cloud Apps

  • Not affected. No action is required.
Linchpin Hey

Not affected. No action is required.


Shortlink for this page: https://seibert.biz/cve-2023-24998

  • No labels

This content was last updated on 03/03/2023.

This content hasn't been updated in a while. That doesn't have to be a problem. Some of our pages live for years without becoming obsolete. Please click this link if you want us to update this page. Old content can be incorrect, misleading or outdated. Please get in contact with us via a form on this page, our live chat or via email with content@seibert.group if you are in doubt, have a question, suggestion, or want changes from us.