Fisheye had a vulnerable version of Apache Commons FileUpload - CVE-2016-1000031

2019-02-14T22:03:17
ID ATLASSIAN:FE-7164
Type atlassian
Reporter ejensby
Modified 2019-05-30T15:11:30

Description

The DiskFileItem class from the Apache Commons FileUpload library before version 1.3.3 was vulnerable to CVE-2016-1000031. Atlassian Fisheye was using a vulnerable version of this library, although not the DiskFileItem class. Fisheye has been updated to use the safe version of the Apache Commons FileUpload library.