1. Wombats Avatar Wombats
  2. Marketplace
  3. API Tokens for Jira
  4. Issues

Urgent Security vulnerability reference to Spring Java Zero-Day Log4J vulnerability" (CVE-2022-22965), Is our plugin impacted?

Issue #39 resolved
Gowri created an issue

Hi Support team,

Please treat this as the highest priority as this is a worldwide security vulnerability.

We need to determine if we are impacted and what is the patch to secure our systems?
please provide the step by step document for the patch.

here are some link for the reference:

Here is the CVE Details: CVE-2022-22965
https://www.bleepingcomputer.com/news/security/new-spring-java-framework-zero-day-allows-remote-code-execution/

Here is the list of Atlassian marketplace apps that we have in our Jira Data center:

Thanks in Advance!

Regards,
Gowri

Comments (2)

  1. Roma Bubyakin [Wombats Corp]

    Hi Gowri,

    Plugins from Wombats Corp do not use Spring Cloud Function.

    You are definitely not impacted by CVE-2022-22965 by using our apps.

    Regards, Roman

  3. Log in to comment
Assignee
Type
bug
Priority
critical
Status
resolved
Votes
0
Watchers
1