CVE-2022-43781 (bitbucket) | allinfosecnews.com

Nov. 17, 2022, 12:15 a.m. |

National Vulnerability Database web.nvd.nist.gov

There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled â€œAllow public signupâ€�.

More from web.nvd.nist.gov / National Vulnerability Database

CVE-2023-45955 (lightstrip_firmware) 6 months ago | web.nvd.nist.gov

attackers cve denial of service issue +1

CVE-2023-40101 (android) 6 months ago | web.nvd.nist.gov

android check collapse cve +7

CVE-2023-21377 (android) 6 months ago | web.nvd.nist.gov

android bypass cve disclosure +8

CVE-2023-21380 (android) 6 months ago | web.nvd.nist.gov

android bluetooth buffer buffer overflow +9

CVE-2023-21382 (android) 6 months ago | web.nvd.nist.gov

access android check cve +11

CVE-2023-21381 (android) 6 months ago | web.nvd.nist.gov

android arbitrary code code code execution +10

CVE-2023-21385 (android) 6 months ago | web.nvd.nist.gov

android corruption cve disclosure +7

CVE-2023-21387 (android) 6 months ago | web.nvd.nist.gov

android backup bypass cve +11

CVE-2023-21389 (android) 6 months ago | web.nvd.nist.gov

android bypass check cve +10

Senior Security Officer

@ eSimplicity | Remote

View on infosec-jobs.com

Senior - Automated Cyber Attack Engineer

@ Deloitte | Madrid, España

View on infosec-jobs.com

Public Key Infrastructure (PKI) Senior Engineer

@ Sherwin-Williams | Cleveland, OH, United States

View on infosec-jobs.com

Consultant, Technology Consulting, Cyber Security - Privacy (Senior) (Multiple Positions) (1502793)

@ EY | Chicago, IL, US, 60606

View on infosec-jobs.com

Principal Associate, CSOC Analyst

@ Capital One | McLean, VA

View on infosec-jobs.com

Real Estate Portfolio & Corporate Security Lead

@ Lilium | Munich

View on infosec-jobs.com