Lucene search
K

967 matches found

Cvelist
Cvelist
added 2018/02/15 1:0 p.m.30 views

CVE-2017-18087

The download commit resource in Atlassian Bitbucket Server from version 5.1.0 before version 5.1.7, from version 5.2.0 before version 5.2.5, from version 5.3.0 before version 5.3.3 and from version 5.4.0 before version 5.4.1 allows remote attackers to write files to disk potentially allowing them...

8.6AI score0.01789EPSS
Exploits0References2
CNVD
CNVD
added 2018/02/08 12:0 a.m.5 views

Atlassian Bitbucket Server Server-Side Request Forgery Vulnerability

Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is able to manage and review code with features such as diff view, JIRA integration and build integration.Github repository importer is one of the Github repository import modules. A server-side reque...

4.3CVSS7.1AI score0.009EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/08 12:0 a.m.4 views

Atlassian Bitbucket Server Path Traversal Vulnerability

Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is capable of managing and reviewing code with features such as diff view, JIRA integration and build integration. A directory traversal vulnerability exists in the git repository tag rest resource in...

6.5CVSS7.1AI score0.01328EPSS
Exploits0References1
CNVD
CNVD
added 2018/02/07 12:0 a.m.7 views

Atlassian Bitbucket Server Path Traversal Vulnerability

Atlassian Bitbucket Server is a Git code hosting solution from Atlassian Australia. The solution is capable of managing and reviewing code with features such as diff view, JIRA integration and build integration. A path traversal vulnerability exists in the repository settings resource in Atlassia...

5.3CVSS7.1AI score0.01474EPSS
Exploits0References1
NVD
NVD
added 2018/02/02 2:29 p.m.21 views

CVE-2017-18036

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...

4.3CVSS4.7AI score0.009EPSS
Exploits0References2
OSV
OSV
added 2018/02/02 2:29 p.m.4 views

CVE-2017-18037

The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...

6.5CVSS5.9AI score0.01328EPSS
Exploits0References1
NVD
NVD
added 2018/02/02 2:29 p.m.28 views

CVE-2017-18037

The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...

6.5CVSS6.5AI score0.01328EPSS
Exploits0References1
Prion
Prion
added 2018/02/02 2:29 p.m.22 views

Server side request forgery (ssrf)

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...

4CVSS4.7AI score0.009EPSS
Exploits0References2Affected Software1
Prion
Prion
added 2018/02/02 2:29 p.m.16 views

Path traversal

The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...

5CVSS5.3AI score0.01474EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/02/02 2:29 p.m.24 views

Path traversal

The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...

4CVSS6.4AI score0.01328EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2018/02/02 2:29 p.m.24 views

CVE-2017-18038

The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...

5.3CVSS5.3AI score0.01474EPSS
Exploits0References1
OSV
OSV
added 2018/02/02 2:29 p.m.4 views

CVE-2017-18038

The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...

5.3CVSS5.9AI score0.01474EPSS
Exploits0References1
OSV
OSV
added 2018/02/02 2:29 p.m.2 views

CVE-2017-18036

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...

4.3CVSS5.8AI score0.009EPSS
Exploits0References2
CVE
CVE
added 2018/02/02 2:0 p.m.54 views

CVE-2017-18037

The CVE covers a path traversal flaw in Atlassian Bitbucket Server’s git repository tag rest resource. The problem resides in the tag name handling, allowing remote attackers to read arbitrary files on the server. Affected versions are Bitbucket Server 3.7.0–before 4.14.11 (fixed in 4.14.11), 5.0...

6.5CVSS6.4AI score0.01328EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2018/02/02 2:0 p.m.27 views

CVE-2017-18036

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery SSRF vulnerability...

4.7AI score0.009EPSS
Exploits0References2
Cvelist
Cvelist
added 2018/02/02 2:0 p.m.23 views

CVE-2017-18038

The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name...

5.4AI score0.01474EPSS
Exploits0References1
CVE
CVE
added 2018/02/02 2:0 p.m.53 views

CVE-2017-18038

Affected software: Atlassian Bitbucket Server (before 5.6.0). Vulnerability: repository settings resource allows path traversal via the default branch name, enabling remote attackers to read the first line of arbitrary files. Root cause: path traversal in the repository settings resource. Impact:...

5.3CVSS5.3AI score0.01474EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/02/02 2:0 p.m.54 views

CVE-2017-18036

The vulnerability CVE-2017-18036 affects Atlassian Bitbucket Server, specifically the Github repository importer module, where a Server-Side Request Forgery (SSRF) in versions before 5.3.0 enables remote attackers to determine whether a non-reachable service has open ports. The root cause is an S...

4.3CVSS4.7AI score0.009EPSS
Exploits0References2Affected Software1
Atlassian
Atlassian
added 2018/02/02 12:12 a.m.116 views

Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037

The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...

6.5CVSS6.3AI score0.01328EPSS
Exploits0Affected Software1
Atlassian
Atlassian
added 2018/02/02 12:12 a.m.35 views

Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037

The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...

6.5CVSS4.7AI score0.01328EPSS
Exploits0
Rows per page
Query Builder