Security Question: Jitsi Dedktop CVE-2021-4104

Hi Guys,

We are still using the Jitsi desktop version(2.1.5550), and we recently got alert from the vulnerability scan system, so I want to know if this version will be affected, or if there’s any mitigations

image

You can try with updating that binary in place with a new version and see how it goes. Not sure what is using it to be able to evaluate the risk, but it is not actively used in our code.

@jacob: I am happy to read you!

All the Jitsi team knows all CVEs in Desktop since several years.

For example: Bouncy Castle, slf4j, log4j, …

Linked to: