Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Bamboo before 6.0.5, 6.1.x before 6.1.4, and 6.2.x before 6.2.1 had a REST endpoint that parsed a YAML file and did not sufficiently restrict which classes could be loaded. An attacker who can log in to Bamboo as a user is able to exploit this vulnerability to execute Java code of their choice on systems that have vulnerable versions of Bamboo.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Bamboo REST端点安全漏洞
Vulnerability Description
Atlassian Bamboo是澳大利亚Atlassian公司的一套持续集成构建工具。该工具可帮助开发团队使用持续交付功能构建、测试、发布和部署项目。REST endpoint是其中的一个REST端点。 Atlassian Bamboo中的REST端点存在安全漏洞,该漏洞源于程序没有充分的限制类的加载。攻击者可利用该漏洞在系统上执行Java代码。以下版本受到影响:Atlassian Bamboo 6.0.5版本,6.1.4之前的6.1.x版本,6.2.1之前的6.2.x版本。
CVSS Information
N/A
Vulnerability Type
N/A