CVE-2022-43781

N/A

There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbucket Server and Data Center instance has enabled “Allow public signup”.

N/A

N/A

Atlassian Bitbucket Server和Bitbucket Data Center 命令注入漏洞

Atlassian Bitbucket Server和Atlassian Bitbucket Data Center都是澳大利亚Atlassian公司的产品。Atlassian Bitbucket Server是一款Git代码托管解决方案。该方案能够管理并审查代码，具有差异视图、JIRA集成和构建集成等功能。Atlassian Bitbucket Data Center是Atlassian Bitbucket的数据中心版本。 Atlassian Bitbucket Server和Bitbucket Dat

N/A

N/A