CVE-2025-68493 impact on Bamboo

h3. Issue Summary Impact of CVE-2025-68493 in Bamboo https://cwiki.apache.org/confluence/display/WW/S2-069 Parsing of XML configuration in XWork component does not validate XML in proper way and it's vulnerable to XML external entity XXE injection. h3. Steps to Reproduce ||Impact of...

EUVD-2017-18446

Malware in sbrugna...

EUVD-2017-6090

Malware in sbrugna...

EUVD-2018-17007

Malware in sbrugna...

PT-2024-18838 · Undefined · Undefined

Atlassian fixes CVE-2024-21689 vulnerability in Bamboo AtlassianBamboo CVE-2024-21189 RCE https://t.co/VUixQa8ypW...

CVE-2017-14589

It was possible for double OGNL evaluation in FreeMarker templates through Struts FreeMarker tags to occur. An attacker who has restricted administration rights to Bamboo or who hosts a website that a Bamboo administrator visits, is able to exploit this vulnerability to execute Java code of their...

PT-2017-18614 · Atlassian · Bamboo

Name of the Vulnerable Software and Affected Versions: Atlassian Bamboo versions 5.x through 5.15.6 Atlassian Bamboo versions 6.x through 6.0.0 Description: The issue arises from incorrect permission checks for users creating deployment projects. An attacker with login access to Bamboo, but witho...