bitvoodoo Advisories BVADVIS

Communcation by Vendor

On Smartbear released a new version of Zephyr Squad to fix security vulnerabilities in their app related to Log4Shell (CVE-2021-44228). We urge our customers to update to the latest available version of Zephyr Squad.

Version  Released 2021-12-17  Supported By SmartBear  Paid via Atlassian  Commercial

This release addresses the security vulnerability reported against log4j2 library. In order to fully mitigate the vulnerability exposed by log4j2 please also update to the latest version of ZBOT in case you are using Test Automation and have ZBOT configured.

Bug Fixes

  • Fixed an issue with Zephyr Squad Expired app was breaking Advanced Road Maps feature.
  • Updated the cycle API to provide the Display name details along with ModifiedBy and CreatedBy fields.
  • Fixed the issue with Export to Excel where the column data was merged with large data sets.

For a complete list of bug fixes please refer to our release notes.




Zephyr Squad

Marketplace link

Base productJira

Recommendation by bitvoodoo

  • If you use Jira 8.x.x update Zephyr Squad to version 6.2.6
  • If you use Jira 7.x.x update Zephyr Squad to version 4.8.5


If you need any assistance please contact the bitvoodoo support via

bitvoodoo Advisories BVADVIS