Critical Vulnerability Information

Vulnerability Overview

Title: Bitbucket OAuth Token Exposure via Redirect Fragment in Gitpod Classic
Publisher: securitymirco
Publication Time: 7 hours ago
CVE ID: CVE-2025-55750
Severity: Medium (6.5/10)

Affected Scope

Affected Versions:
- Gitpod Classic: before main-gha.33628
- Gitpod Classic Enterprise: before main-gha.33628

Fixed Versions:
- Gitpod Classic: main-gha.33628 and later
- Gitpod Classic Enterprise: main-gha.33628 and later

Description and Impact

Description: Under certain conditions, the Bitbucket OAuth integration in Gitpod Classic allows valid Bitbucket access tokens to be exposed via a carefully crafted link that carries the token in the URL fragment.

Impact: The issue is triggered when an authenticated user clicks the crafted link: the way Bitbucket returns the token, combined with how Gitpod handles the subsequent redirect flow, exposes the token. The problem is specific to Bitbucket (the GitHub and GitLab integrations are unaffected), requires user interaction, and has been mitigated through improved redirect handling and OAuth logic.

Affected Products

- Gitpod Classic (hosted at gitpod.io)
- Gitpod Classic Enterprise (self-hosted)

Remediation

Fix PR: #20983
Recommendation: Upgrade to the patched versions of Gitpod Classic and Gitpod Classic Enterprise.

Mitigation Guide (Bitbucket OAuth)

1. Navigate to Bitbucket's Authorized Applications page.
2. Locate your Gitpod OAuth application.
3. Click Revoke Access.
4. Log in to Gitpod again via Bitbucket to generate a new token.

Bypass Methods

No reliable bypass methods exist. Mitigation requires updating to the patched version.

Weakness

CWE-201
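The advisory names "improved redirect handling" as the fix without detailing it. As an added, illustrative example (not Gitpod's code and not the contents of PR #20983), the following TypeScript shows the standard hardening for redirect-based token leakage (CWE-201): a post-login redirect target is accepted only if it resolves to the application's own origin, and any URL fragment is discarded so a token placed after `#` cannot survive the hop. `APP_ORIGIN` is a placeholder, and the untrusted `candidate` string stands in for whatever return-to value the application receives.

```typescript
// Added example of redirect-target hardening, not Gitpod's own implementation.
// Assumption: the app knows its own origin and receives the desired post-login
// destination as an untrusted string (query parameter, cookie or OAuth state).
export const APP_ORIGIN = "https://gitpod.example"; // placeholder, not a real deployment

/**
 * Returns a redirect target that is safe to place in a Location header:
 * same origin as the app, path and query only, never a fragment or foreign host.
 * Anything that does not qualify falls back to "/".
 */
export function safeRedirectTarget(
  candidate: string | undefined,
  appOrigin: string = APP_ORIGIN,
): string {
  if (!candidate) return "/";
  // Control characters and backslashes are rejected outright: some URL parsers
  // normalise "\" to "/", which turns "/\evil.example" into a foreign host.
  if (/[\x00-\x1f\\]/.test(candidate)) return "/";

  let target: URL;
  try {
    // Resolving against the app origin makes "/workspaces" same-origin, while
    // "https://evil.example/x", "//evil.example/x" and "javascript:..." keep
    // their own origin (or "null") and therefore fail the check below.
    target = new URL(candidate, appOrigin);
  } catch (_e) {
    return "/";
  }
  if (target.origin !== new URL(appOrigin).origin) return "/";

  // Fragment deliberately dropped: access tokens returned after "#" must not be
  // carried into the next redirect.
  return target.pathname + target.search;
}

/**
 * Builds the Location header value. The Fetch standard lets a Location without
 * a fragment inherit the fragment of the URL being redirected from, so an
 * explicit empty fragment ("#") prevents a token-bearing fragment from
 * surviving a 3xx redirect even when the callback URL itself carried one.
 */
export function redirectLocation(
  candidate: string | undefined,
  appOrigin: string = APP_ORIGIN,
): string {
  return safeRedirectTarget(candidate, appOrigin) + "#";
}
```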