First published: Wed Jan 15 2020(Updated: )
Credit: security@atlassian.com
Affected Software | Affected Version | How to fix |
---|---|---|
Atlassian Bitbucket | >=4.13.0<5.6.11 | |
Atlassian Bitbucket | >=6.0.0<6.0.11 | |
Atlassian Bitbucket | >=6.1.0<6.1.9 | |
Atlassian Bitbucket | >=6.2.0<6.2.7 | |
Atlassian Bitbucket | >=6.3.0<6.3.6 | |
Atlassian Bitbucket | >=6.4.0<6.4.4 | |
Atlassian Bitbucket | >=6.5.0<6.5.3 | |
Atlassian Bitbucket | >=6.6.0<6.6.3 | |
Atlassian Bitbucket | >=6.7.0<6.7.3 | |
Atlassian Bitbucket | >=6.8.0<6.8.2 | |
Atlassian Bitbucket | >=6.9.0<6.9.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-15012 is a vulnerability in Bitbucket Server and Bitbucket Data Center.
CVE-2019-15012 has a severity rating of 8.8 (high).
Versions 4.13.0 to 5.16.11, 6.0.0 to 6.0.11, 6.1.0 to 6.1.9, 6.2.0 to 6.2.7, 6.3.0 to 6.3.6, 6.4.0 to 6.4.4, 6.5.0 to 6.5.3, 6.6.0 to 6.6.3, 6.7.0 to 6.7.3, 6.8.0 to 6.8.2, and 6.9.0 to 6.9.1 of Bitbucket Server and Bitbucket Data Center are affected.
To fix CVE-2019-15012, users need to upgrade to a patched version of Bitbucket Server or Bitbucket Data Center.
More information about CVE-2019-15012 can be found at the following link: [https://jira.atlassian.com/browse/BSERV-12100](https://jira.atlassian.com/browse/BSERV-12100)