2 matches found
CVE-2017-18037
The CVE covers a path traversal flaw in Atlassian Bitbucket Server’s git repository tag rest resource. The problem resides in the tag name handling, allowing remote attackers to read arbitrary files on the server. Affected versions are Bitbucket Server 3.7.0–before 4.14.11 (fixed in 4.14.11), 5.0...
Path traversal through the name of a git tag in the git repository tag rest resource - CVE-2017-18037
The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 the fixed version for 4.14.x, from version 5.0.0 before 5.0.9 the fixed version for 5.0.x, from version 5.1.0 before 5.1.8 the fixed version for 5.1.x, from version 5.2.0 before 5.2.6 the fixed...