2 matches found
CVE-2018-5226
There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the...
CVE-2018-5226
The CVE-2018-5226 issue affects Sourcetree for Windows (all versions prior to 2.5.5.0). The vulnerability is an argument injection flaw in the Mercurial repository tag name, which an attacker who can create a tag on a linked Mercurial repo can exploit to gain code execution on the host. Root caus...