MITM (Man-in-the-Middle) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center

This High severity MITM Man-in-the-Middle vulnerability was introduced in versions 9.0.1, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 10.0.0, 10.1.1, 10.2.0, and 10.3.0 of Bitbucket Data Center. This MITM Man-in-the-Middle vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

Injection axios Dependency in Bitbucket Data Center

This High severity Injection vulnerability was introduced in versions 9.4.12, 10.2.0, and 10.3.0 of Bitbucket Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attacker to modify the...

Injection axios Dependency in Bitbucket Data Center

This High severity Injection vulnerability was introduced in versions 9.4.12, 10.2.0, and 10.3.0 of Bitbucket Data Center. This Injection vulnerability, with a CVSS Score of 7.4 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N allows an unauthenticated attacker to modify the...

DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.0.1, 9.1.0, 9.2.0, 9.3.0, 9.4.0, 9.5.0, 9.6.0, 10.0.0, 10.1.1, 10.2.0, and 10.3.0 of Bitbucket Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

DoS (Denial of Service) @isaacs/brace-expansion Dependency in Bitbucket Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 10.0.0, 10.1.1, 10.2.0, and 10.3.0 of Bitbucket Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

SSRF (Server-Side Request Forgery) axios Dependency in Bitbucket Data Center

This High severity SSRF Server-Side Request Forgery vulnerability was introduced in versions 9.4.12 and 10.2.0 of Bitbucket Data Center. This SSRF Server-Side Request Forgery vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N allows an...

DoS (Denial of Service) ua-parser-js Dependency in Bitbucket Data Center

This High severity DoS Denial of Service vulnerability was introduced in versions 9.4.12, 10.0.1, and 10.1.1 of Bitbucket Data Center. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an unauthenticated...

XSS (Cross Site Scripting) dompurify Dependency in Bitbucket Data Center

This High severity XSS Cross Site Scripting vulnerability was introduced in versions 8.19.0, 9.0.1, and 10.0.0 of Bitbucket Data Center. This XSS Cross Site Scripting vulnerability, with a CVSS Score of 7.3 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L allows an unauthenticate...

DoS (Denial of Service) semver Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability known as CVE-2022-25883 was introduced in versions 9.4.16 and 10.1.1 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 7.5, allows an attacker to perform actions to degrade service, which has no impact to...

RCE (Remote Code Execution) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server

This High severity RCE Remote Code Execution vulnerability was introduced in versions 8.19.0, 9.4.0, and 10.0.0 of Bitbucket Data Center and Server. This RCE Remote Code Execution vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H allows an...

DoS (Denial of Service) org.apache.tomcat.embed:tomcat-embed-core Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.6, allows an attacker to perform actions to degrade service, which has no impact to confidentiality, no...

DoS (Denial of Service) com.fasterxml.jackson.core:jackson-core Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This DoS Denial of Service vulnerability, with a CVSS Score of 8.7, allows an attacker to perform actions to degrade service, which has no impact to...

Improper Authorization org.springframework:spring-core Dependency in Bitbucket Data Center and Server

This High severity Improper Authorization vulnerability was introduced in version 8.19.0 and 9.4.0 of Bitbucket Data Center and Server. This Improper Authorization vulnerability, with a CVSS Score of 7.5, allows an attacker to potentially perform actions to circumvent authorization checks, which...

DoS (Denial of Service) com.google.protobuf:protobuf-java Dependency in Bitbucket Data Center and Server

This High severity DoS Denial of Service Dependency vulnerability, known as CVE-2024-7254, was introduced in version 8.9.0 of Bitbucket Data Center and Server. This vulnerability, with a CVSS Score of 8.7 and a vector of...

Improper Authorization Third-Party Dependency in Bitbucket Data Center and Server - CVE-2025-22235

This High severity vulnerability known as CVE-2025-22235 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15, 8.19.16, 8.19.17, 8.19.18, 8.19.19, 8.19.20, 8.19.21, 8.19.23, 8.19.24 of Bitbucket Data...

Cryptographic Failure Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-24772

This High severity vulnerability known as CVE-2022-24772 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...

Cryptographic Failure Third-Party Dependency in Bitbucket Data Center and Server - CVE-2022-24771

This High severity vulnerability known as CVE-2022-24771 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CV...

Prototype Pollution Third-Party Dependency in Bitbucket Data Center and Server - CVE-2020-28471

This High severity vulnerability known as CVE-2020-28471 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6, 8.19.7, 8.19.8, 8.19.9, 8.19.10, 8.19.11, 8.19.12, 8.19.13, 8.19.14, 8.19.15 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.3 and a CV...

Path Traversal Third-Party Dependency in Bitbucket Data Center and Server - CVE-2024-38819

This High severity vulnerability known as CVE-2024-38819 was introduced in 8.19.0, 8.19.1, 8.19.2, 8.19.3, 8.19.4, 8.19.5, 8.19.6 of Bitbucket Data Center and Server. This vulnerability with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Atlassian recommends...