Lucene search

Bamboo for Windows uses a version of Git LFS vulnerable to remote code execution (CVE-2021-21237)

🗓️ 10 Mar 2021 11:09:05Reported by security-metrics-botType

Bamboo for Windows vulnerable to Git LFS remote code execution (CVE-2021-21237), incomplete fix for CVE-2020-2795

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 50
OSV	Git LFS can execute a Git binary from the current directory on Windows	15 Feb 202200:30	–	osv
OSV	CVE-2021-21237	15 Jan 202118:15	–	osv
OSV	BIT-git-lfs-2021-21237	6 Mar 202410:52	–	osv
OSV	Git LFS can execute a Git binary from the current directory	11 Feb 202223:39	–	osv
OSV	BIT-git-lfs-2020-27955	6 Mar 202410:52	–	osv
OSV	CVE-2020-27955	5 Nov 202015:15	–	osv
OSV	Arbitrary code execution on Windows in github.com/git-lfs/git-lfs	14 Apr 202120:04	–	osv
Atlassian	RCE via git-lfs in Sourcetree for Windows - CVE-2020-27955	7 Jan 202117:07	–	atlassian
Atlassian	RCE via git-lfs in Sourcetree for Windows - CVE-2021-21237	26 Feb 202117:00	–	atlassian
Atlassian	RCE via git-lfs in Sourcetree for Windows - CVE-2021-21237	26 Feb 202117:00	–	atlassian

Vulners

Node

atlassian bamboo_data_centerRange≤7.2.2

atlassian bamboo_data_centerRange<7.2.3

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

10 Mar 2021 11:05Current

5.1Medium risk

Vulners AI Score5.1

CVSS210

CVSS37.2 - 9.8

EPSS0.92209