Security News

Critical Vulnerability Discovered in Atlassian Bitbucket Server and Data Center
2022-08-26 19:39

Atlassian has rolled out fixes for a critical security flaw in Bitbucket Server and Data Center that could lead to the execution of malicious code on vulnerable installations.Tracked as CVE-2022-36804, the issue has been characterized as a command injection vulnerability in multiple endpoints that could be exploited via specially crafted HTTP requests.

Atlassian Bitbucket Server vulnerable to critical RCE vulnerability
2022-08-26 16:40

Atlassian has published a security advisory warning Bitbucket Server and Data Center users of a critical security flaw that attackers could leverage to execute arbitrary code on vulnerable instances. "An attacker with access to a public repository or with read permissions to a private Bitbucket repository can execute arbitrary code by sending a malicious HTTP request," explains Atlassian's advisory.

Atlassian fixes critical flaws in Confluence, Jira, Bitbucket and other products, update quickly!
2022-07-21 09:21

Atlassian has fixed three critical vulnerabilities and is urging customers using Confluence, Bamboo, Bitbucket, Crowd, Fisheye and Crucible, Jira and Jira Service Management to update their instances as soon as possible.There is no mention of these vulnerabilities being exploited in the wild, but flaws in Atlassian Confluence are often leveraged by attackers.