We blocked bitbucket.org access from our office network as per the Log4j IOCs,
our RnD would like to access bitbucket.org for their development purposes, but we would like to make sure Log4j stuff is handled before allowing access to that site.
Can anyone confirm that the Log4j vulnerability is no longer a threat in bitbucket.org?
Hi @Semi Ara ,
Atlassian Cloud products, and specifically Bitbucket Cloud (accessed from bitbucket.org domain) are not vulnerable as Atlassian already took the necessary measures to mitigate this. You can see the official communication from Atlassian here : https://confluence.atlassian.com/security/multiple-products-security-advisory-log4j-vulnerable-to-remote-code-execution-cve-2021-44228-1103069934.html
This means that in you case, the Log4j vulnerability is no longer a threat.
Let me know if this helps,
Beginning on April 4th, we will be implementing push limits. This means that your push cannot be completed if it is over 3.5 GB. If you do attempt to complete a push that is over 3.5 GB, it will fail...
Connect with like-minded Atlassian users at free events near you!Find an event
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no Community Events near you at the moment.Host an event
You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events