CVE-2017-18038
published 2018-02-02CVE-2017-18038: The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a…
medium5.3CVSS 3.0
AVNACLPRNUINSUCLINAN
The repository settings resource in Atlassian Bitbucket Server before version 5.6.0 allows remote attackers to read the first line of arbitrary files via a path traversal vulnerability through the default branch name.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atlassian | bitbucket | < 5.6.0 | 5.6.0 |
| atlassian | bitbucket_server | — | — |