Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Recherche Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Atlassian Bitbucket Server 4.x < 4.8.2 Directory Traversal

High

Synopsis

The remote Bitbucket server is affected by an Dierctory Traversal attack vector.

Description

Versions of Bitbucket 4.x prior to 4.8.2 contain a flaw in boundaries in content-type headers when handling file upload requests. This may allow a remote attacker to cause a process linked against the library to become unresponsive.

Solution

Upgrade to Bitbucket version 4.8.2 or later.