A critical security vulnerability (CVE-2023-24998) was discovered in the Apache Commons FileUpload package < 1.5 .

Impact on Atlassian Products

So far there is no official statement from Atlassian for Confluence or Jira.

You may watch the following ticket: https://jira.atlassian.com/browse/CONFSERVER-82479

Impact on Seibert Media Products

We are still investigating if our apps use the affected Commons FileUpload classes. 

Seibert Media Linchpin apps from Atlassian's Marketplace

Data Center and Server Apps

  • Not affected. No action is required.

Cloud Apps

  • Not affected. No action is required.
Other Seibert Media apps including all joint venture apps

Data Center and Server Apps

  • (warning) We investigate the usage of the package

Cloud Apps

  • Not affected. No action is required.
Linchpin Hey

Not affected. No action is required.


Shortlink for this page: https://seibert.biz/cve-2023-24998

  • No labels
This page was last edited on 07/16/2024.