My question is why, as an Atlas customer, no one at our company received any information about this. No emails, no banner in the webpage… Nothing.
I only learnt it existed through other people making videos and posts on social media. An 8.7 severity CVE spanning almost 10 years of versions feels like something that should be publicly broadcasted, along with the tools to check if you’ve been affected, a comprehensive list of affected versions and how to remediate it… But maybe that’s just me