| Max CVSS | 10.0 | Min CVSS | 6.8 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2017-17458 | 10.0 |
In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construc
|
31-07-2020 - 13:15 | 07-12-2017 - 18:29 | |
| CVE-2017-14592 | 9.0 |
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution o
|
11-05-2020 - 17:00 | 26-01-2018 - 02:29 | |
| CVE-2017-14593 | 9.0 |
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code executi
|
03-10-2019 - 00:03 | 26-01-2018 - 02:29 | |
| CVE-2017-17831 | 6.8 |
GitHub Git LFS before 2.1.1 allows remote attackers to execute arbitrary commands via an ssh URL with an initial dash character in the hostname, located on a "url =" line in a .lfsconfig file within a repository.
|
01-08-2019 - 12:14 | 21-12-2017 - 06:29 |