Atlassian Bitbucket 8.1.1

CPE Details

Atlassian Bitbucket 8.1.1
atlassian
bitbucket
8.1.1
2022-08-29
13h13 +00:00
2022-08-29
14h44 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:atlassian:bitbucket:8.1.1:*:*:*:*:*:*:*

Informations

Vendor

atlassian

Product

bitbucket

Version

8.1.1

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-43781 2022-11-17 00h00 +00:00 There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled “Allow public signup”.
9.8
Critical
CVE-2022-36804 2022-08-25 05h40 +00:00 Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
8.8
High