Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,359,795
Community Members
 
Community Events
168
Community Groups

Security Vulnerability CVE-2021-42574 Mitigation

Hello everyone,

How you guys are mitigating Security Vulnerability CVE-2021-42574? I am still unable to understand the risk, impact and mitigation done by Atlassian. Is there any other workaround than upgrade?

Kind Regards,

Mayuresh

1 comment

Here is a nice blog post about it: https://www.adaptavist.com/blog/trojan-codes-in-atlassian-products-and-scriptrunner

The main takeaway for me was that Jira or Confluence are not directly at risk, but they can be used to trick someone else to copy code from jira/confluence into another system and then when that system is built/executed, then that system may contain bad code that the developer didn't realize they copied.

Like Mayuresh Sakharape likes this

Comment

Log in or Sign up to comment