Hi there!
How do you consider the impact of CVE-2021-31525 [1] and CVE-2021-33194 [2] on Mender? Do you think this is critical?
Best regards
@kacf do you have any thoughts here?
The impact on the client is extremely low, as it only connects to the Mender server it trusts.
On the backend-side, it needs a bit of investigation to see which version is affected.
I’ll get back to this thread early next week.