CVE-2018-5226
CVE-2018-5226
Vexday Risk Score
3Bajo
Decisión SSVC (CISA)
Track
Sin señal de explotación → monitorear
CVSS —EPSS 1.5%KEV nãoPoC —Nuclei —Metasploit —Patch —
Ciclo de vida
25 abr 2018Publicada en NVD
Recomendación: Monitorear — sin señal de explotación por ahora.
There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. All versions of Sourcetree for Windows before 2.5.5.0 are affected by this vulnerability.
Productos afectados
Atlassian · SourceTree Windows¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →