Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
atlassian bitbucket vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 prior to 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 prior to 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 prior to 5.1.8 (the fixed version for 5.1.x), from version 5....
Atlassian Bitbucket
Atlassian Bitbucket 5.5.2
Atlassian Bitbucket 5.5.3
Atlassian Bitbucket 5.5.4
Atlassian Bitbucket 5.5.5
Atlassian Bitbucket 5.5.0
Atlassian Bitbucket 5.5.6
8.8
CVSSv3
CVE-2023-22513
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated malicious user to execute arbitrary code which has h...
Atlassian Bitbucket Server
Atlassian Bitbucket Server 8.13.0
Atlassian Bitbucket Data Center 8.13.0
Atlassian Bitbucket Data Center
8.5
CVSSv3
CVE-2017-16857
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an malicious user to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugi...
Atlassian Bitbucket Auto Unapprove Plugin 1.1.0
Atlassian Bitbucket Auto Unapprove Plugin 2.0.1
Atlassian Bitbucket Auto Unapprove Plugin 2.2.0
Atlassian Bitbucket Auto Unapprove Plugin 1.0.0
Atlassian Bitbucket Auto Unapprove Plugin 1.2.0
Atlassian Bitbucket Auto Unapprove Plugin 3.0.0
Atlassian Bitbucket Auto Unapprove Plugin 2.0.2
Atlassian Bitbucket Auto Unapprove Plugin 2.0.4
Atlassian Bitbucket Auto Unapprove Plugin 2.1.1
Atlassian Bitbucket Auto Unapprove Plugin 2.1.3
8.8
CVSSv3
CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from versi...
Atlassian Bitbucket 8.3.0
Atlassian Bitbucket
16 Github repositories
2 Articles
9.8
CVSSv3
CVE-2022-26133
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later prior to 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated malicious user to execute...
Atlassian Bitbucket Data Center
Atlassian Bitbucket Data Center 7.20.0
2 Github repositories
4.3
CVSSv3
CVE-2020-14170
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote malicious users to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
6.5
CVSSv3
CVE-2020-14171
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote malicious users to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
Atlassian Bitbucket
9.1
CVSSv3
CVE-2019-3397
Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 prior to 5.13.6 (the fixed version for 5.13.x), from 5.14.0 prior to 5.14.4 (fixed version for 5.14.x), from 5.15.0 prior to 5.15.3 (fixed version for 5.15.x), from 5.16.0 prior to 5.16.3 (fixed versi...
Atlassian Bitbucket
1 Github repository
8.8
CVSSv3
CVE-2019-15012
Bitbucket Server and Bitbucket Data Center from version 4.13. prior to 5.16.11, from version 6.0.0 prior to 6.0.11, from version 6.1.0 prior to 6.1.9, from version 6.2.0 prior to 6.2.7, from version 6.3.0 prior to 6.3.6, from version 6.4.0 prior to 6.4.4, from version 6.5.0 prior...
Atlassian Bitbucket
9.8
CVSSv3
CVE-2019-15000
The commit diff rest endpoint in Bitbucket Server and Data Center prior to 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 prior to 6.0.10 (the fixed version for 6.0.x), from 6.1.0 prior to 6.1.8 (the fixed version for 6.1.x), from 6.2.0 prior to 6.2.6 (the fixed version for ...
Atlassian Bitbucket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »