Skip to main content

Gitbucket

3 CVEs product

Monthly

CVE-2026-13540 LOW POC PATCH Monitor

Server-side request forgery in GitBucket up to version 4.46.1 allows authenticated users to coerce the application server into issuing HTTP requests to arbitrary internal or private network hosts by supplying a crafted URL to the repository creation "clone from existing repository" feature. The flaw resides in `Git.cloneRepository.setURI()` within `RepositoryCreationService.scala`, where user-supplied URL input reaches JGit without validation against private address ranges. A public exploit exists (GitHub issue #4044), though no CISA KEV listing is present - no confirmed active exploitation at time of analysis. An upstream patch is available as commit 487a9b980f56aa73b6a044b1e86a92eed5043215 via PR #4056.

SSRF Gitbucket
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.2%
CVE-2018-25332 CRITICAL POC Act Now

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload RCE Gitbucket
NVD Exploit-DB GitHub VulDB
CVSS 4.0
9.3
EPSS
0.2%
CVE-2024-28157 Maven HIGH This Week

Jenkins GitBucket Plugin 0.8 and earlier does not sanitize Gitbucket URLs on build views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Gitbucket
NVD
CVSS 3.1
8.0
EPSS
1.3%
EPSS 0% CVSS 2.1
LOW POC PATCH Monitor

Server-side request forgery in GitBucket up to version 4.46.1 allows authenticated users to coerce the application server into issuing HTTP requests to arbitrary internal or private network hosts by supplying a crafted URL to the repository creation "clone from existing repository" feature. The flaw resides in `Git.cloneRepository.setURI()` within `RepositoryCreationService.scala`, where user-supplied URL input reaches JGit without validation against private address ranges. A public exploit exists (GitHub issue #4044), though no CISA KEV listing is present - no confirmed active exploitation at time of analysis. An upstream patch is available as commit 487a9b980f56aa73b6a044b1e86a92eed5043215 via PR #4056.

SSRF Gitbucket
NVD VulDB GitHub
EPSS 0% CVSS 9.3
CRITICAL POC Act Now

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Authentication Bypass File Upload RCE +1
NVD Exploit-DB GitHub VulDB
EPSS 1% CVSS 8.0
HIGH This Week

Jenkins GitBucket Plugin 0.8 and earlier does not sanitize Gitbucket URLs on build views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to configure. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Jenkins Gitbucket
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy