Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian bitbucket vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2018-5225
In browser editing in Atlassian Bitbucket Server from version 4.13.0 prior to 5.4.8 (the fixed version for 4.13.0 up to and including 5.4.7), 5.5.0 prior to 5.5.8 (the fixed version for 5.5.x), 5.6.0 prior to 5.6.5 (the fixed version for 5.6.x), 5.7.0 prior to 5.7.3 (the fixed ve...
Atlassian Bitbucket
9.8
CVSSv3
CVE-2022-43781
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbu...
Atlassian Bitbucket
9.8
CVSSv3
CVE-2022-26136
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in au...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
9.8
CVSSv3
CVE-2022-26133
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later prior to 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated malicious user to execute...
Atlassian Bitbucket Data Center
Atlassian Bitbucket Data Center 7.20.0
2 Github repositories
9.8
CVSSv3
CVE-2021-37843
The resolution SAML SSO apps for Atlassian products allow a remote malicious user to login to a user account when only the username is known (i.e., no other authentication is provided). The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; ...
Atlassian Saml Single Sign On
9.8
CVSSv3
CVE-2019-15000
The commit diff rest endpoint in Bitbucket Server and Data Center prior to 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 prior to 6.0.10 (the fixed version for 6.0.x), from 6.1.0 prior to 6.1.8 (the fixed version for 6.1.x), from 6.2.0 prior to 6.2.6 (the fixed version for ...
Atlassian Bitbucket
9.1
CVSSv3
CVE-2019-3397
Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 prior to 5.13.6 (the fixed version for 5.13.x), from 5.14.0 prior to 5.14.4 (fixed version for 5.14.x), from 5.15.0 prior to 5.15.3 (fixed version for 5.15.x), from 5.16.0 prior to 5.16.3 (fixed versi...
Atlassian Bitbucket
1 Github repository
8.8
CVSSv3
CVE-2023-22513
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated malicious user to execute arbitrary code which has h...
Atlassian Bitbucket Server
Atlassian Bitbucket Server 8.13.0
Atlassian Bitbucket Data Center 8.13.0
Atlassian Bitbucket Data Center
8.8
CVSSv3
CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from versi...
Atlassian Bitbucket 8.3.0
Atlassian Bitbucket
16 Github repositories
2 Articles
8.8
CVSSv3
CVE-2022-26137
A vulnerability in multiple Atlassian products allows a remote, unauthenticated malicious user to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with t...
Atlassian Confluence Data Center 7.18.0
Atlassian Confluence Data Center
Atlassian Confluence Server 7.18.0
Atlassian Confluence Server
Atlassian Bitbucket 8.0.0
Atlassian Bitbucket 8.1.0
Atlassian Crowd
Atlassian Crowd 5.0.0
Atlassian Crucible
Atlassian Fisheye
Atlassian Jira Data Center
Atlassian Jira Server
Atlassian Jira Service Management
Atlassian Bamboo
Atlassian Bitbucket
Atlassian Jira Service Desk
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »