CVE-2018-13386
- EPSS 0.46%
- Veröffentlicht 24.07.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:47:00
There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain co...
CVE-2018-5226
- EPSS 0.53%
- Veröffentlicht 25.04.2018 21:29:00
- Zuletzt bearbeitet 21.11.2024 04:08:22
There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to e...
- EPSS 2.13%
- Veröffentlicht 26.01.2018 02:29:02
- Zuletzt bearbeitet 21.11.2024 03:13:09
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution o...
- EPSS 2.13%
- Veröffentlicht 26.01.2018 02:29:02
- Zuletzt bearbeitet 21.11.2024 03:13:10
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code executi...
- EPSS 8.53%
- Veröffentlicht 04.05.2017 22:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree://cloneRepo/ext:: or sourcetree://checkoutRef/ext:...