Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
It is possible to bypass the bitbucket auto-unapprove plugin via minimal brute-force because it is relying on asynchronous events on the back-end. This allows an attacker to merge any code into unsuspecting repositories. This affects all versions of the auto-unapprove plugin, however since the auto-unapprove plugin is not bundled with Bitbucket Server it does not affect any particular version of Bitbucket.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian auto-unapprove插件安全漏洞
Vulnerability Description
Atlassian auto-unapprove plugin是澳大利亚Atlassian公司的一款应用在Bitbucket中的具有自动取消、批准功能的插件。 Atlassian auto-unapprove插件3.0.1版本存在安全漏洞。攻击者可通过暴力破解攻击利用该漏洞绕过该插件。
CVSS Information
N/A
Vulnerability Type
N/A