Lucene search
Security-metrics-botATLASSIAN:CONFSERVER-74534HistoryNov 01, 2021 - 8:34 p.m.
Unicode characters allow malicious code to be hidden from a human reviewer (Confluence Server) - CVE-2021-42574
2021-11-0120:34:51
security-metrics-bot
jira.atlassian.com
47
0.003 Low
EPSS
Percentile
65.5%
Researchers at the University of Cambridge reported a vulnerability affecting Confluence Server / DC where special characters, known as Unicode bidirectional override characters, are not rendered or displayed in the affected applications. These special characters are typically not displayed by the browser or code editors but can affect the meaning of the source code when it is processed by a compiler or an interpreter. The issue is now fixed.
Affected versions:
-
All versions before 7.4.13
-
All versions between 7.5.0 and 7.12.5 (inclusive)
-
All 7.13.x LTS versions before 7.13.2
-
Version 7.14.0
Fixed versions:
-
7.4.13
-
7.13.2
-
7.14.1
Related
nessus
nessus
RHEL 8 : gcc-toolset-10-annobin (RHSA-2021:4592)
2021-11-11 00:00:00
RHEL 8 : binutils (RHSA-2021:4602)
2021-11-11 00:00:00
osv
osv
Moderate: gcc-toolset-10-binutils security update
2021-11-15 10:00:59
Moderate: gcc-toolset-10-gcc security update
2021-11-10 08:31:42
Moderate: binutils security update
2021-11-10 08:41:52
rocky
rocky
gcc security update
2021-11-10 08:34:56
rust-toolset:rhel8 security update
2021-11-10 08:37:57
gcc-toolset-11-binutils security update
2021-11-10 08:40:25
openvas
openvas
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-1262)
2022-03-02 00:00:00
Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2022-1603)
2022-05-05 00:00:00
Fedora: Security Advisory for rust (FEDORA-2021-7ad3a01f6a)
2021-11-06 00:00:00
oraclelinux
oraclelinux
gcc-toolset-10-gcc security update
2021-11-19 00:00:00
annobin security update
2021-11-18 00:00:00
gcc-toolset-10-binutils security update
2021-11-18 00:00:00
atlassian
atlassian
almalinux
almalinux
Moderate: gcc-toolset-10-annobin security update
2021-11-10 08:39:32
Moderate: gcc-toolset-10-gcc security update
2021-11-10 08:31:42
Moderate: gcc-toolset-11-annobin security update
2021-11-10 08:38:54
redhat
redhat
(RHSA-2021:4589) Moderate: gcc-toolset-10-annobin security update
2021-11-10 08:36:14
(RHSA-2021:4694) Moderate: rust-toolset-1.54-rust security update
2021-11-16 11:21:35
(RHSA-2021:4669) Moderate: devtoolset-11-gcc security update
2021-11-15 11:29:53
githubexploit
githubexploit
Exploit for Code Injection in Unicode
2023-01-31 18:15:00
Exploit for Code Injection in Unicode
2021-11-01 13:05:48
Exploit for Code Injection in Unicode
2021-11-02 15:32:38
fedora
fedora
[SECURITY] Fedora 35 Update: rust-1.56.1-1.fc35
2021-11-05 01:08:45
[SECURITY] Fedora 34 Update: rust-1.56.1-1.fc34
2021-11-04 01:34:43
[SECURITY] Fedora 33 Update: rust-1.56.1-1.fc33
2021-11-11 01:22:52
amazon
amazon
Medium: gcc10, gcc
2022-04-25 22:57:00
mageia
mageia
Updated rust packages fix security vulnerability
2021-11-20 22:31:06
alpinelinux
alpinelinux
CVE-2021-42574
2021-11-01 04:15:07
ubuntucve
ubuntucve
CVE-2021-42574
2021-11-01 00:00:00
veracode
veracode
Denial Of Service (DoS)
2021-11-05 01:37:30
centos
centos
binutils security update
2021-11-17 15:07:33
debiancve
debiancve
CVE-2021-42574
2021-11-01 04:15:07
cve
cve
CVE-2021-42574
2021-11-01 04:15:07
vulnrichment
vulnrichment
CVE-2021-42574
2021-11-01 00:00:00
cvelist
cvelist
CVE-2021-42574
2021-11-01 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2021-0122
2021-11-01 00:00:00
prion
prion
Design/Logic Flaw
2021-11-01 04:15:00
nvd
nvd
CVE-2021-42574
2021-11-01 04:15:07
redhatcve
redhatcve
CVE-2021-42574
2021-11-01 00:36:21