CVE-2017-18036 - AskarLabs CVE Database

CVE-2017-18036

Vendor Atlassian

Product Bitbucket Server

Weakness CWE-918 · SSRF

Published February 2, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The Github repository importer in Atlassian Bitbucket Server before version 5.3.0 allows remote attackers to determine if a service they could not otherwise reach has open ports via a Server Side Request Forgery (SSRF) vulnerability.

Key dates

02Disclosure timeline

February 2, 2018 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2017-18036

Related vulnerabilities

04Related CVE

CVE-2023-37290 InfoDoc Document On-line Submission and Approval System - Server-Side Request Forgery (SSRF) CVE-2022-23464 Potential Server Side Request Forgery (SSRF) in Nepxion Discovery CVE-2026-6587 vibrantlabsai RAGAS Collections util.py _try_process_url server-side request forgery CVE-2026-2654 huggingface smolagents LocalPythonExecutor requests.post server-side request forgery CVE-2025-58203 WordPress Solace Extra Plugin <= 1.3.2 - Server Side Request Forgery (SSRF) Vulnerability