Uploaded image for project: 'Confluence Data Center'
  1. Confluence Data Center
  2. CONFSERVER-98408

Upgrade vulnerable Java versions bundled with Confluence installer

XMLWordPrintable

    • 1
    • 5
    • We collect Confluence feedback from various sources, and we evaluate what we've collected when planning our product roadmap. To understand how this piece of feedback will be reviewed, see our Implementation of New Features Policy.

      Problem

      The Java versions bundled with current Confluence distributions seem to be affected by the below vulnerabilities:

      Suggested Solution

      Update the bundled JDK to the current versions 11.0.25, 17.0.13, 21.0.5, and keep them up to date in the future as well.

      Why This Is Important

      Although the above vulnerabilities have no security impact on Confluence, users are encountering issues with security scans and keeping Confluence in line with compliance regulations. Installing new Java versions and testing is an unplanned workload for the users.

      Workaround

      Install the latest Java release and manually change the Java Confluence uses:

              UnassignedUnassigned
              f8be9ce75683Erhan Baz
              Votes:
              1Vote for this issue
              Watchers:
              6Start watching this issue

                Created:
                Updated: