Vulnerability in Atlassian Bitbucket Server

CVE-2017-18087

The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote…

EPSS: 0.016 (82.0th percentile) — read the EPSS interpretation.

Affected products

Atlassian Bitbucket Server — versions from 5.3.0 prior to 5.3.3, from 5.1.0 prior to 5.1.7, from 5.4.0 prior to 5.4.1

References

103038 (vdb-entry, x_refsource_BID)
jira.atlassian.com/browse/BSERV-10593 (x_refsource_CONFIRM)