Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root


1 badge earned


Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!


Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.


Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!


Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Spring4Shell: Security Analysis of the latest Java RCE '0-day' vulnerabilities in Spring

Regarding the "spring4shell"  vulnerability  in .

Does anyone know that this vulnerability affects Atlassian products such like a Jira, Confluence? 

(As asked by Chihara in other groups there is no security advisory as yet hence asking the question in the recommended group) 

4 answers

2 accepted

5 votes
Answer accepted

Please reference our FAQ for now, we do hope to have formal announcement soon:

David Yu Rising Star Apr 12, 2022

Is there a timeline or JAC bug we can follow along to see when patches will become available? Downgrading JDKs might not always be feasible for every customer.

1 vote
Answer accepted


Please see the latest FAQs posted over the weekend:

As always, you can monitor security vulnerabilities at the following link

You can also report a vulnerability using this article so Atlassian will provide an offical answer for that question.

We will continue to monitor the situation and provide a response soon.



Hello, we have a very limited window to triage and mitigage critical vulnerabilities. With this case being critical, we are well past the triage period. Kindly advise your findings as soon as possible. Most of our vendors have already published information, as this has been in our radar for a few days now. Thank you! 

Seconded! Hurry up, Atlassian!

Like Tom likes this

Can anyone from Atlassian comment on this please? This is a major security event.

Suggest an answer

Log in or Sign up to answer

Atlassian Community Events