Vulnerabilities > Atlassian > Bitbucket > 6.10.9

DATE CVE VULNERABILITY TITLE RISK
2022-07-20 CVE-2022-26136 Improper Authentication vulnerability in Atlassian products
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to bypass Servlet Filters used by first and third party apps.
network
low complexity
atlassian CWE-287
critical
 9.8
9.8
2022-07-20 CVE-2022-26137 Origin Validation Error vulnerability in Atlassian products
A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses.
network
low complexity
atlassian CWE-346
8.8
8.8
2020-07-09 CVE-2020-14171 Cleartext Transmission of Sensitive Information vulnerability in Atlassian Bitbucket
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
network
high complexity
atlassian CWE-319
6.5
6.5
2020-07-09 CVE-2020-14170 Server-Side Request Forgery (SSRF) vulnerability in Atlassian Bitbucket
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
network
low complexity
atlassian CWE-918
4.3
4.3