Atlassian Bitbucket 8.2.1

CPE Details

Atlassian Bitbucket 8.2.1
atlassian
bitbucket
8.2.1
2022-08-29
13h13 +00:00
2022-08-29
14h44 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:atlassian:bitbucket:8.2.1:*:*:*:*:*:*:*

Informations

Vendor

atlassian

Product

bitbucket

Version

8.2.1

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2022-43781 2022-11-17 00h00 +00:00 There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled “Allow public signup”.
9.8
Critique
CVE-2022-36804 2022-08-25 05h40 +00:00 Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from version 8.2.0 before version 8.2.2, and from version 8.3.0 before 8.3.1 allows remote attackers with read permissions to a public or private Bitbucket repository to execute arbitrary code by sending a malicious HTTP request. This vulnerability was reported via our Bug Bounty Program by TheGrandPew.
8.8
Haute