Advice on CVE-2021-3618 (alpaca) and CVE-2022-41742 (nginx)

Steve Matthews
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
November 1, 2023

BitScan has reported discovering our Confluence Server is vulnerable to CVE-2021-3618 and CVE-2022-41742. We can find no mention of these CVEs on the Atlassian Support site. What action, if any, do we need to take?

We are currently using nginx version 1.18, and are in the process of upgrading our Confluence Server instance to version 7.19.16 in response to the latest Atlassian Security Bulletin (re CVE-2023-22518).

1 answer

0 votes
Kian Stack Mumo Systems
Community Leader
Community Leader
Community Leaders are connectors, ambassadors, and mentors. On the online community, they serve as thought leaders, product experts, and moderators.
November 1, 2023

I am not seeing anything either. You could reach out to Atlassian to see if they have any further recommendations?

Steve Matthews
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
November 1, 2023

Thank you, Kian. I submitted a support ticket.

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
SERVER
VERSION
7.19.16
TAGS
AUG Leaders

Atlassian Community Events