le_throoshCVE: Possible Organization/Secret Compromise from dangerous CI implementation
renegadesporkEveryone might want to freeze your Jellyfin versions until this gets sorted. As far as we know, nothing has been hijacked, but safer sit on your local copies for now.
I think its our local copies that might have issues if anything. If there is a threat at all, it would affect releases prior to the cve release not since then. Or yeah, if a possible attacker had gained access they may still have it, but its unlikely that would not have been caught.