Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitbucket vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2019-15000
The commit diff rest endpoint in Bitbucket Server and Data Center prior to 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 prior to 6.0.10 (the fixed version for 6.0.x), from 6.1.0 prior to 6.1.8 (the fixed version for 6.1.x), from 6.2.0 prior to 6.2.6 (the fixed version for ...
Atlassian Bitbucket
6.5
CVSSv2
CVE-2019-15010
Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 prior to 6.0.11, from version 6.1.0 prior to 6.1.9, from version 6.2.0 prior to 6.2.7, from version 6.3.0 prior to 6.3.6, from version 6.4.0 prior to 6.4.4, ...
Atlassian Bitbucket
6.5
CVSSv2
CVE-2018-5225
In browser editing in Atlassian Bitbucket Server from version 4.13.0 prior to 5.4.8 (the fixed version for 4.13.0 up to and including 5.4.7), 5.5.0 prior to 5.5.8 (the fixed version for 5.5.x), 5.6.0 prior to 5.6.5 (the fixed version for 5.6.x), 5.7.0 prior to 5.7.3 (the fixed ve...
Atlassian Bitbucket
4
CVSSv2
CVE-2020-14170
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote malicious users to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
4.3
CVSSv2
CVE-2017-18088
Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 prior to 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 prior to 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 prior to 5.6.3 (...
Atlassian Bitbucket
NA
CVE-2022-43781
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the Bitbu...
Atlassian Bitbucket
4.6
CVSSv2
CVE-2020-36233
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x prior to 7.6.4, and from version 7.7.0 prior to 7.10.1 allows local malicious users to escalate privileges because of weak permissions on the installation directory.
Atlassian Bitbucket
6.5
CVSSv2
CVE-2019-20097
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 prior to 5.16.11, from version 6.0.0 prior to 6.0.11, from version 6.1.0 prior to 6.1.9, from version 6.2.0 prior to 6.2.7, from version 6.3.0 prior to 6.3.6, from version 6.4.0 prior to 6.4.4, from version 6...
Atlassian Bitbucket
4
CVSSv2
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote malicious users to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
5
CVSSv2
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote malicious users to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
Atlassian Bitbucket
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-21987
buffer overflow
CVE-2024-28890
CVE-2024-27574
CVE-2024-27347
CVE-2024-31450
privilege
SSTI
CVE-2024-31666
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »