Bitbucket Data Center

CVEs (13)

CVE	Vendor / Product	Risk	CVSS	EPSS	KEV	Published	Description
CVE-2022-36804	Atlassian Bitbucket Server	0.23	—	0.94	KEV	Aug 25, 2022	Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from…
CVE-2022-43781	Atlassian Bitbucket Server	0.10	—	0.87		Nov 17, 2022	There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the…
CVE-2022-26133	Atlassian Bitbucket Data Center	0.07	—	0.81		Apr 20, 2022	SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute…
CVE-2023-22513	Atlassian Bitbucket Server	0.01	—	0.12		Sep 19, 2023	This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high…
CVE-2019-15000	Atlassian Bitbucket Server	0.01	—	0.11		Sep 19, 2019	The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from 6.2.0 before 6.2.6 (the fixed version for 6.2.x),…
CVE-2024-21684	Atlassian Bitbucket Data Center	0.00	—	0.01		Jul 24, 2024	There is a low severity open redirect vulnerability within affected versions of Bitbucket Data Center. Versions of Bitbucket DC from 8.0.0 to 8.9.12 and 8.19.0 to 8.19.1 are affected by this vulnerability. It is patched in 8.9.13 and 8.19.2. This open redirect vulnerability,…
CVE-2022-26137	Atlassian Confluence	0.00	—	0.00		Jul 20, 2022	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this…
CVE-2022-26136	Atlassian Confluence	0.00	—	0.00		Jul 20, 2022	A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in…
CVE-2020-36233	Atlassian Bitbucket Server	0.00	—	0.00		Feb 18, 2021	The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2019-20097	Atlassian Bitbucket Server	0.00	—	0.03		Jan 15, 2020	Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before…
CVE-2019-15012	Atlassian Bitbucket Server	0.00	—	0.02		Jan 15, 2020	Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3,…
CVE-2019-15010	Atlassian Bitbucket Server	0.00	—	0.02		Jan 15, 2020	Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from…
CVE-2019-3397	Atlassian Bitbucket Data Center	0.00	—	0.05		Jun 3, 2019	Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.15.x), from 5.16.0 before 5.16.3 (fixed version for…

CVE-2022-36804KEVAug 25, 2022
Atlassian
Bitbucket Server
risk 0.23cvss —epss 0.94
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21.4, from version 8.0.0 before version 8.0.3, from version 8.1.0 before version 8.1.3, and from…
CVE-2022-43781Nov 17, 2022
Atlassian
Bitbucket Server
risk 0.10cvss —epss 0.87
There is a command injection vulnerability using environment variables in Bitbucket Server and Data Center. An attacker with permission to control their username can exploit this issue to execute arbitrary code on the system. This vulnerability can be unauthenticated if the…
CVE-2022-26133Apr 20, 2022
Atlassian
Bitbucket Data Center
risk 0.07cvss —epss 0.81
SharedSecretClusterAuthenticator in Atlassian Bitbucket Data Center versions 5.14.0 and later before 7.6.14, 7.7.0 and later prior to 7.17.6, 7.18.0 and later prior to 7.18.4, 7.19.0 and later prior to 7.19.4, and 7.20.0 allow a remote, unauthenticated attacker to execute…
CVE-2023-22513Sep 19, 2023
Atlassian
Bitbucket Server
risk 0.01cvss —epss 0.12
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high…
CVE-2019-15000Sep 19, 2019
Atlassian
Bitbucket Server
risk 0.01cvss —epss 0.11
The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from 6.2.0 before 6.2.6 (the fixed version for 6.2.x),…
CVE-2024-21684Jul 24, 2024
Atlassian
Bitbucket Data Center
risk 0.00cvss —epss 0.01
There is a low severity open redirect vulnerability within affected versions of Bitbucket Data Center. Versions of Bitbucket DC from 8.0.0 to 8.9.12 and 8.19.0 to 8.19.1 are affected by this vulnerability. It is patched in 8.9.13 and 8.19.2. This open redirect vulnerability,…
CVE-2022-26137Jul 20, 2022
Atlassian
Confluence
risk 0.00cvss —epss 0.00
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this…
CVE-2022-26136Jul 20, 2022
Atlassian
Confluence
risk 0.00cvss —epss 0.00
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps. The impact depends on which filters are used by each app, and how the filters are used. This vulnerability can result in…
CVE-2020-36233Feb 18, 2021
Atlassian
Bitbucket Server
risk 0.00cvss —epss 0.00
The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because of weak permissions on the installation directory.
CVE-2019-20097Jan 15, 2020
Atlassian
Bitbucket Server
risk 0.00cvss —epss 0.03
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before…
CVE-2019-15012Jan 15, 2020
Atlassian
Bitbucket Server
risk 0.00cvss —epss 0.02
Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3,…
CVE-2019-15010Jan 15, 2020
Atlassian
Bitbucket Server
risk 0.00cvss —epss 0.02
Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from…
CVE-2019-3397Jun 3, 2019
Atlassian
Bitbucket Data Center
risk 0.00cvss —epss 0.05
Atlassian Bitbucket Data Center licensed instances starting with version 5.13.0 before 5.13.6 (the fixed version for 5.13.x), from 5.14.0 before 5.14.4 (fixed version for 5.14.x), from 5.15.0 before 5.15.3 (fixed version for 5.15.x), from 5.16.0 before 5.16.3 (fixed version for…