Atlassian

Bitbucket

20 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2022-43781

  • EPSS 92.08%
  • Veröffentlicht 17.11.2022 00:15:18
  • Zuletzt bearbeitet 21.11.2024 07:27:14

There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can b...

8.8

CVE-2022-36804

Warnung Exploit
  • EPSS 94.43%
  • Veröffentlicht 25.08.2022 06:15:09
  • Zuletzt bearbeitet 24.10.2025 13:37:44

Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before...

8.8

CVE-2022-26137

  • EPSS 0.07%
  • Veröffentlicht 20.07.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:53:30

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security...

9.8

CVE-2022-26136

  • EPSS 0.28%
  • Veröffentlicht 20.07.2022 18:15:08
  • Zuletzt bearbeitet 21.11.2024 06:53:30

A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulner...

7.8

CVE-2020-36233

  • EPSS 0.04%
  • Veröffentlicht 18.02.2021 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:29:06

The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation...

6.5

CVE-2020-14171

  • EPSS 0.31%
  • Veröffentlicht 09.07.2020 18:15:10
  • Zuletzt bearbeitet 21.11.2024 05:02:47

Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.

4.3

CVE-2020-14170

  • EPSS 0.2%
  • Veröffentlicht 09.07.2020 18:15:10
  • Zuletzt bearbeitet 21.11.2024 05:02:47

Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.

8.8

CVE-2019-15010

  • EPSS 2.06%
  • Veröffentlicht 15.01.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:27:52

Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version ...

8.8

CVE-2019-20097

  • EPSS 2.99%
  • Veröffentlicht 15.01.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:38:03

Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4...

8.8

CVE-2019-15012

  • EPSS 1.92%
  • Veröffentlicht 15.01.2020 21:15:12
  • Zuletzt bearbeitet 21.11.2024 04:27:52

Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from v...