NotCVE - vendor:"Atlassian" product:"Bitbucket" version:" >= 5.2.0

Page 2 of 13 results (0.053 seconds)

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18036

https://notcve.org/view.php?id=CVE-2017-18036

02 Feb 2018 — The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability. El importador de repositorios Github en Atlassian Bitbucket Server, en versiones anteriores a la 5.3.0, permite que atacantes remotos determinen si un servicio al que no hubiesen podido acceder de otra forma tiene puertos abiertos mediante una vulnerabilidad de SSRF (Server-Sid... • http://www.securityfocus.com/bid/102932 • CWE-918: Server-Side Request Forgery (SSRF) •

CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0

CVE-2017-18037

https://notcve.org/view.php?id=CVE-2017-18037

02 Feb 2018 — The git repository tag rest resource in Atlassian Bitbucket Server from version 3.7.0 before 4.14.11 (the fixed version for 4.14.x), from version 5.0.0 before 5.0.9 (the fixed version for 5.0.x), from version 5.1.0 before 5.1.8 (the fixed version for 5.1.x), from version 5.2.0 before 5.2.6 (the fixed version for 5.2.x), from version 5.3.0 before 5.3.4 (the fixed version for 5.3.x), from version 5.4.0 before 5.4.2 (the fixed version for 5.4.x), from version 5.5.0 before 5.5.1 (the fixed version for 5.5.x) an... • https://jira.atlassian.com/browse/BSERV-10595 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2017-18038

https://notcve.org/view.php?id=CVE-2017-18038

02 Feb 2018 — The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name. El recurso de opciones del repositorio en Atlassian Bitbucket Server, en versiones anteriores a la 5.6.0, permite que atacantes remotos lean la primera línea de archivos arbitrarios mediante una vulnerabilidad de salto de directorio a través del nombre de rama por defecto. • https://jira.atlassian.com/browse/BSERV-10592 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

1 2