Vulnerability in Atlassian Bamboo
CVE-2018-5224
Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. An attacker who has permission to create a repository in Bamboo, edit an existing…
EPSS: 0.009 (76.5th percentile) — read the EPSS interpretation.
Affected products
- Atlassian Bamboo — versions 2.7.1, unspecified, 6.4.0
References
- 103653 (vdb-entry, x_refsource_BID)
- jira.atlassian.com/browse/BAM-19743 (x_refsource_CONFIRM)
- confluence.atlassian.com/x/PS9sO (x_refsource_CONFIRM)