Atlassian Bitbucket Server
18 CVEs affecting Atlassian Bitbucket Server. Latest disclosed: 2023-09-19. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-22513 | High | 8.5 | 2023-09-19 | This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Executi… |
CVE-2022-43781 | | 2022-11-17 | There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their userna… | |
CVE-2022-36804 | | 2022-08-25 | Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18… | |
CVE-2022-26137 | | 2022-07-20 | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application… | |
CVE-2022-26136 | | 2022-07-20 | A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impa… | |
CVE-2020-36233 | | 2021-02-18 | The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 al… | |
CVE-2020-14170 | | 2020-07-09 | Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a… | |
CVE-2020-14171 | | 2020-07-09 | Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the… | |
CVE-2019-20097 | | 2020-01-15 | Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from… | |
CVE-2019-15012 | | 2020-01-15 | Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6… | |
CVE-2019-15010 | | 2020-01-15 | Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 be… | |
CVE-2019-15005 | | 2019-11-08 | The Atlassian Troubleshooting and Support Tools plugin prior to version 1.17.2 allows an unprivileged user to initiate periodic log scans and send the results… | |
CVE-2019-15000 | | 2019-09-19 | The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version f… | |
CVE-2018-5225 | | 2018-03-22 | In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 before 5.5.8 (the fixed v… | |
CVE-2017-18087 | | 2018-02-15 | The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0… | |
CVE-2017-18038 | | 2018-02-02 | The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a pat… | |
CVE-2017-18037 | | 2018-02-02 | The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before… | |
CVE-2017-18036 | | 2018-02-02 | The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise re… |