Advertisement
Top
image credit: Pexels

Atlassian Patches Critical Vulnerabilities in Bitbucket, Crowd

November 18, 2022

Via: Security Week
Category:

In the Bitbucket source code repository hosting service, Atlassian fixed CVE-2022-43781, a critical command injection vulnerability that affects Bitbucket Server and Data Center version 7 and, in some cases, version 8.

“There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to gain code execution and execute code on the system,” Atlassian explained.

Updates that patch the flaw have been released for both BitBucket 7 and 8. Atlassian Cloud sites are not affected.

Read More on Security Week

RELATED PUBLICATIONS

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
Unpatched Vulnerabilities: The Most Brutal Ransomware Attack Vector
Google Patches Exploited Pixel Vulnerabilities

Latest Publications

The importance of the Vulnerability Operations Centre for cybersecurity
Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes
FIN7 targeted a large U.S. carmaker with phishing attacks
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!