|
|
|
| Date
|
2026-06-22
|
| Severity
|
reported "high", BlueSpice assessment: not affected
|
| Affected
|
bluespice/migrate-confluence Docker image (all versions)
|
| Fixed in
|
Next regular update
|
| CVE
|
|
Problem
| CVE
|
Component
|
Type of vulnerability
|
BlueSpice 5
|
| CVE-2026-8376
|
bluespice/migrate-confluence
|
Heap Buffer Overflow (Perl regex compilation, 32-bit only)
|
not affected
|
Impact assessment
| CVE
|
Assessment
|
Mitigation without update
|
| CVE-2026-8376
|
Not affected. The vulnerability only applies to 32-bit Perl builds; the bluespice/migrate-confluence Docker image uses a 64-bit base image and therefore runs a 64-bit Perl. Additionally, the regular expressions used in the application are part of the application logic and cannot be injected by an attacker.
|
No action required.
|
Solution
No immediate action required. The affected library will be updated in the next regular release.
