VYPR

Bitbucket Auto Unapprove Plugin

by Atlassian

CVEs (1)

  • CVE-2017-16857HigDec 5, 2017
    risk 0.55cvss 8.5epss 0.01

    It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin,…