Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitbucket vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2019-15012
Bitbucket Server and Bitbucket Data Center from version 4.13. prior to 5.16.11, from version 6.0.0 prior to 6.0.11, from version 6.1.0 prior to 6.1.9, from version 6.2.0 prior to 6.2.7, from version 6.3.0 prior to 6.3.6, from version 6.4.0 prior to 6.4.4, from version 6.5.0 prior...
Atlassian Bitbucket
7.8
CVSSv3
CVE-2020-36233
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x prior to 7.6.4, and from version 7.7.0 prior to 7.10.1 allows local malicious users to escalate privileges because of weak permissions on the installation directory.
Atlassian Bitbucket
8.8
CVSSv3
CVE-2019-20097
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 prior to 5.16.11, from version 6.0.0 prior to 6.0.11, from version 6.1.0 prior to 6.1.9, from version 6.2.0 prior to 6.2.7, from version 6.3.0 prior to 6.3.6, from version 6.4.0 prior to 6.4.4, from version 6...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote malicious users to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
5.3
CVSSv3
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote malicious users to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
Atlassian Bitbucket
4.3
CVSSv3
CVE-2017-18088
Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 prior to 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 prior to 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 prior to 5.6.3 (...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2020-14170
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote malicious users to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
6.5
CVSSv3
CVE-2020-14171
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote malicious users to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
Atlassian Bitbucket
9.9
CVSSv3
CVE-2018-5225
In browser editing in Atlassian Bitbucket Server from version 4.13.0 prior to 5.4.8 (the fixed version for 4.13.0 up to and including 5.4.7), 5.5.0 prior to 5.5.8 (the fixed version for 5.5.x), 5.6.0 prior to 5.6.5 (the fixed version for 5.6.x), 5.7.0 prior to 5.7.3 (the fixed ve...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2016-4320
Atlassian Bitbucket Server prior to 4.7.1 allows remote malicious users to read the first line of an arbitrary file via a directory traversal attack on the pull requests resource.
Atlassian Bitbucket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »