4 matches found
Atlassian auto-unapprove plugin security bypass vulnerability
Atlassian auto-unapprove plugin is a plugin with auto-unapprove function applied in Bitbucket by Atlassian Australia. A security vulnerability exists in Atlassian auto-unapprove plugin version 3.0.1. An attacker can exploit the vulnerability to bypass the plugin via a brute force attack...
CVE-2017-16857
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the...
CVE-2017-16857
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the...
CVE-2017-16857
The CVE-2017-16857 entry concerns the Atlassian auto-unapprove plugin for Bitbucket. Affected component: the auto-unapprove plugin (not bundled with Bitbucket Server). Root cause: bypass of the plugin via minimal brute-force due to reliance on back-end asynchronous events, enabling an attacker to...