967 matches found
CVE-2017-18087
The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them...
Atlassian Bitbucket Server Server-Side Request Forgery Vulnerability
Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is able to manage and review code with features such as diff view, JIRA integration and build integration.Github repository importer is one of the Github repository import modules. A server-side reque...
Atlassian Bitbucket Server Path Traversal Vulnerability
Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is capable of managing and reviewing code with features such as diff view, JIRA integration and build integration. A directory traversal vulnerability exists in the git repository tag rest resource in...
Atlassian Bitbucket Server Path Traversal Vulnerability
Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is capable of managing and reviewing code with features such as diff view, JIRA integration and build integration. A path traversal vulnerability exists in the repository settings resource in Atlassia...
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...
CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...
CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...
Server side request forgery (ssrf)
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...
Path traversal
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...
Path traversal
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...
CVE-2017-18037
The CVE covers a path traversal flaw in Atlassian Bitbucket Server’s git repository tag rest resource. The problem resides in the tag name handling, allowing remote attackers to read arbitrary files on the server. Affected versions are Bitbucket Server 3.7.0–before 4.14.11 (fixed in 4.14.11), 5.0...
CVE-2017-18036
The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...
CVE-2017-18038
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...
CVE-2017-18038
Affected software: Atlassian Bitbucket Server (before 5.6.0). Vulnerability: repository settings resource allows path traversal via the default branch name, enabling remote attackers to read the first line of arbitrary files. Root cause: path traversal in the repository settings resource. Impact:...
CVE-2017-18036
The vulnerability CVE-2017-18036 affects Atlassian Bitbucket Server, specifically the Github repository importer module, where a Server-Side Request Forgery (SSRF) in versions before 5.3.0 enables remote attackers to determine whether a non-reachable service has open ports. The root cause is an S...
Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...
Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...