Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian bitbucket vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2022-43781
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbu...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2017-18088
Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 prior to 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 prior to 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 prior to 5.6.3 (...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote malicious users to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
5.3
CVSSv3
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote malicious users to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
Atlassian Bitbucket
7.8
CVSSv3
CVE-2020-36233
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x prior to 7.6.4, and from version 7.7.0 prior to 7.10.1 allows local malicious users to escalate privileges because of weak permissions on the installation directory.
Atlassian Bitbucket
8.8
CVSSv3
CVE-2019-20097
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 prior to 5.16.11, from version 6.0.0 prior to 6.0.11, from version 6.1.0 prior to 6.1.9, from version 6.2.0 prior to 6.2.7, from version 6.3.0 prior to 6.3.6, from version 6.4.0 prior to 6.4.4, from version 6...
Atlassian Bitbucket
7.5
CVSSv3
CVE-2017-18087
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote malicious users to write files to disk po...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2020-14170
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote malicious users to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
6.5
CVSSv3
CVE-2020-14171
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote malicious users to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
Atlassian Bitbucket
9.9
CVSSv3
CVE-2018-5225
In browser editing in Atlassian Bitbucket Server from version 4.13.0 prior to 5.4.8 (the fixed version for 4.13.0 up to and including 5.4.7), 5.5.0 prior to 5.5.8 (the fixed version for 5.5.x), 5.6.0 prior to 5.6.5 (the fixed version for 5.6.x), 5.7.0 prior to 5.7.3 (the fixed ve...
Atlassian Bitbucket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5834
CVE-2024-30100
CVE-2024-4577
physical
dos
CVE-2024-30099
CVE-2024-27801
CVE-2024-32146
logic flaw
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »