Hi ,
seems conflunce with version 7.12.4 has CVE-2022-22965 vulnerability, which shows as below:
Path /confluence/WEB-INF/lib/atlassian-plugins-spring-5.3.11.jar
Installed version : 5.3.11 Fixed version : 5.3.18
Path : /confluence/WEB-INF/lib/atlassian-spring-2.0.8.jar
Installed version : 2.0.8 Fixed version : 5.2.20
Path : /confluence/WEB-INF/lib/sal-spring-4.1.0.jar
Installed version : 4.1.0 Fixed version : 5.2.20
Path : /confluence/WEB-INF/lib/spring-core-5.1.18.RELEASE.jar Installed version :
5.1.18.RELEASE Fixed version : 5.2.20
Path :
/confluence/synchrony-proxy/WEB-INF/lib/spring-core-5.1.18.RELEASE.jar
Installed version : 5.1.18.RELEASE Fixed version : 5.2.20
how can we remediate it .
can we upgrade confluence to solve this?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.