Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bitbucket vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 prior to 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 prior to 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 prior to 5.1.8 (the fixed version for 5.1.x), from version 5....
Atlassian Bitbucket
Atlassian Bitbucket 5.5.2
Atlassian Bitbucket 5.5.3
Atlassian Bitbucket 5.5.4
Atlassian Bitbucket 5.5.5
Atlassian Bitbucket 5.5.0
Atlassian Bitbucket 5.5.6
8.8
CVSSv3
CVE-2023-22513
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated malicious user to execute arbitrary code which has h...
Atlassian Bitbucket Server
Atlassian Bitbucket Server 8.13.0
Atlassian Bitbucket Data Center 8.13.0
Atlassian Bitbucket Data Center
8.5
CVSSv3
CVE-2017-16857
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an malicious user to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugi...
Atlassian Bitbucket Auto Unapprove Plugin 1.1.0
Atlassian Bitbucket Auto Unapprove Plugin 2.0.1
Atlassian Bitbucket Auto Unapprove Plugin 2.2.0
Atlassian Bitbucket Auto Unapprove Plugin 1.0.0
Atlassian Bitbucket Auto Unapprove Plugin 1.2.0
Atlassian Bitbucket Auto Unapprove Plugin 3.0.0
Atlassian Bitbucket Auto Unapprove Plugin 2.0.2
Atlassian Bitbucket Auto Unapprove Plugin 2.0.4
Atlassian Bitbucket Auto Unapprove Plugin 2.1.1
Atlassian Bitbucket Auto Unapprove Plugin 2.1.3
8.8
CVSSv3
CVE-2022-36804
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from versi...
Atlassian Bitbucket 8.3.0
Atlassian Bitbucket
15 Github repositories
2 Articles
9.8
CVSSv3
CVE-2022-26133
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later prior to 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated malicious user to execute...
Atlassian Bitbucket Data Center
Atlassian Bitbucket Data Center 7.20.0
2 Github repositories
4.3
CVSSv3
CVE-2022-20618
A missing permission check in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and previous versions allows attackers with Overall/Read access to enumerate credentials IDs of credentials stored in Jenkins.
Jenkins Bitbucket Branch Source 737.vdf9dc06105be
Jenkins Bitbucket Branch Source
7.1
CVSSv3
CVE-2022-20619
A cross-site request forgery (CSRF) vulnerability in Jenkins Bitbucket Branch Source Plugin 737.vdf9dc06105be and previous versions allows malicious users to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing c...
Jenkins Bitbucket Branch Source 737.vdf9dc06105be
Jenkins Bitbucket Branch Source
9.9
CVSSv3
CVE-2018-5225
In browser editing in Atlassian Bitbucket Server from version 4.13.0 prior to 5.4.8 (the fixed version for 4.13.0 up to and including 5.4.7), 5.5.0 prior to 5.5.8 (the fixed version for 5.5.x), 5.6.0 prior to 5.6.5 (the fixed version for 5.6.x), 5.7.0 prior to 5.7.3 (the fixed ve...
Atlassian Bitbucket
7.8
CVSSv3
CVE-2020-36233
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x prior to 7.6.4, and from version 7.7.0 prior to 7.10.1 allows local malicious users to escalate privileges because of weak permissions on the installation directory.
Atlassian Bitbucket
7.5
CVSSv3
CVE-2017-18087
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote malicious users to write files to disk po...
Atlassian Bitbucket
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »