Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitbucket vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 prior to 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 prior to 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 prior to 5.1.8 (the fixed version for 5.1.x), from version 5....
Atlassian Bitbucket
Atlassian Bitbucket 5.5.2
Atlassian Bitbucket 5.5.3
Atlassian Bitbucket 5.5.4
Atlassian Bitbucket 5.5.5
Atlassian Bitbucket 5.5.0
Atlassian Bitbucket 5.5.6
8.8
CVSSv3
CVE-2023-22513
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated malicious user to execute arbitrary code which has h...
Atlassian Bitbucket Server
Atlassian Bitbucket Server 8.13.0
Atlassian Bitbucket Data Center 8.13.0
Atlassian Bitbucket Data Center
8.5
CVSSv3
CVE-2017-16857
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an malicious user to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugi...
Atlassian Bitbucket Auto Unapprove Plugin 1.1.0
Atlassian Bitbucket Auto Unapprove Plugin 2.0.1
Atlassian Bitbucket Auto Unapprove Plugin 2.2.0
Atlassian Bitbucket Auto Unapprove Plugin 1.0.0
Atlassian Bitbucket Auto Unapprove Plugin 1.2.0
Atlassian Bitbucket Auto Unapprove Plugin 3.0.0
Atlassian Bitbucket Auto Unapprove Plugin 2.0.2
Atlassian Bitbucket Auto Unapprove Plugin 2.0.4
Atlassian Bitbucket Auto Unapprove Plugin 2.1.1
Atlassian Bitbucket Auto Unapprove Plugin 2.1.3
8.8
CVSSv3
CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from versi...
Atlassian Bitbucket 8.3.0
Atlassian Bitbucket
16 Github repositories
2 Articles
9.8
CVSSv3
CVE-2022-26133
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later prior to 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated malicious user to execute...
Atlassian Bitbucket Data Center
Atlassian Bitbucket Data Center 7.20.0
2 Github repositories
4.3
CVSSv3
CVE-2022-20618
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and previous versions allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Bitbucket Branch Source 737.vdf9dc06105be
Jenkins Bitbucket Branch Source
7.1
CVSSv3
CVE-2022-20619
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing c...
Jenkins Bitbucket Branch Source 737.vdf9dc06105be
Jenkins Bitbucket Branch Source
4.3
CVSSv3
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote malicious users to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.
Atlassian Bitbucket
7.5
CVSSv3
CVE-2017-18087
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote malicious users to write files to disk po...
Atlassian Bitbucket
4.3
CVSSv3
CVE-2017-18088
Various plugin servlet resources in Atlassian Bitbucket Server before version 5.3.7 (the fixed version for 5.3.x), from version 5.4.0 prior to 5.4.6 (the fixed version for 5.4.x), from version 5.5.0 prior to 5.5.6 (the fixed version for 5.5.x), from version 5.6.0 prior to 5.6.3 (...
Atlassian Bitbucket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
malicious code
camera
CVE-2023-46694
CVE-2023-43847
CVE-2023-30311
CVE-2024-27842
CVE-2024-30165
arbitrary code
CVE-2024-21683
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »