Support #748

Fix for CVE-2021-41556

Added by Madars almost 2 years ago. Updated almost 2 years ago.

Status:ClosedStart date:12/22/2021
Priority:Normal (Code 4)Due date:
Assignee:-% Done:


Target version:-


The vulnerable has been found in Squirrel script engine, which might lead to code exploits.
Fix shall be back-ported from Squirrel script main repositories.

Mavimax customer shall have no worry about this vulnerable, because currently script engine is not used in Enduro/X productive operations. Squirelscript currently is only used for configuration file and source code generation, which is one time event, purely run by developers, not network attached, and does not take any part in UBF/XATMI/transactions processing.

For compliance reasons the fix shall be backported and put in latest Enduro/X release.


#1 Updated by Madars almost 2 years ago

Release notes

FIx has been backported in

Available from Enduro/X version 7.5.36+.

#2 Updated by Madars almost 2 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

#3 Updated by Lauris almost 2 years ago

  • Status changed from Resolved to Closed

Also available in: Atom PDF