Zhang Tianqi

Name of the Vulnerable Software and Affected Versions: Open-Xchange OX App Suite versions prior to 7.6.3-rev3 Open-Xchange OX App Suite versions 7.8.x prior to 7.8.2-rev4 Open-Xchange OX App Suite versions 7.8.3 prior to 7.8.3-rev5 Open-Xchange OX App Suite versions 7.8.4 prior to 7.8.4-rev4 Description: The issue allows remote attackers to read arbitrary files via a full pathname in a formula in a spreadsheet, due to an absolute path traversal vulnerability in the readerengine component. Recommendations: For versions prior to 7.6.3-rev3, update to version 7.6.3-rev3 or later. For versions 7.8.x prior to 7.8.2-rev4, update to version 7.8.2-rev4 or later. For versions 7.8.3 prior to 7.8.3-rev5, update to version 7.8.3-rev5 or later. For versions 7.8.4 prior to 7.8.4-rev4, update to version 7.8.4-rev4 or later.

**Name of the Vulnerable Software and Affected Versions** Sourcetree for Windows versions prior to 2.5.5.0 **Description** The issue allows an attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows to exploit an argument injection vulnerability. This can lead to code execution on the system. The vulnerability is related to the Mercurial repository tag name that is going to be deleted. **Recommendations** For versions prior to 2.5.5.0, update to version 2.5.5.0 or later to resolve the issue. As a temporary workaround, consider restricting permissions to create tags on Mercurial repositories linked in Sourcetree for Windows to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Bamboo versions 2.7.0 through 6.3.2 Bamboo versions 6.4.0 **Description** The issue arises from Bamboo's failure to properly check if a configured Mercurial repository URI contains values that the Windows operating system may consider argument parameters. This allows an attacker with specific permissions to execute code of their choice on systems running a vulnerable version of Bamboo on the Windows operating system. **Recommendations** For Bamboo versions 2.7.0 through 6.3.2, update to version 6.3.3 or later. For Bamboo version 6.4.0, update to version 6.4.1 or later.

**Name of the Vulnerable Software and Affected Versions** Fisheye versions prior to 4.4.6 Fisheye versions 4.5.0 through 4.5.2 Crucible versions prior to 4.4.6 Crucible versions 4.5.0 through 4.5.2 **Description** The issue arises from incorrect checking of configured Mercurial repository URIs in Fisheye and Crucible, allowing an attacker with repository addition permissions to execute arbitrary code on Windows operating systems running vulnerable versions of the software. **Recommendations** For Fisheye versions prior to 4.4.6, update to version 4.4.6 or later. For Fisheye versions 4.5.0 through 4.5.2, update to version 4.5.3 or later. For Crucible versions prior to 4.4.6, update to version 4.4.6 or later. For Crucible versions 4.5.0 through 4.5.2, update to version 4.5.3 or later.

Name of the Vulnerable Software and Affected Versions: Sourcetree for Windows versions 0.5.1.0 through 2.4.7.0 (excluding 2.4.7.0) Description: The issue affects the handling of Mercurial and Git repositories in Sourcetree for Windows, allowing an attacker with commit permission to a linked repository to exploit argument and command injection bugs and gain code execution on the system. This vulnerability can be triggered from a webpage using the Sourcetree URI handler, starting from version 0.8.4b. Recommendations: For versions 0.5.1.0 through 2.4.7.0 (excluding 2.4.7.0), update to version 2.4.7.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the Sourcetree URI handler and limiting commit permissions to repositories.

Name of the Vulnerable Software and Affected Versions: Sourcetree for macOS versions 1.0b2 through 2.7.0 Description: The issue affects the handling of Mercurial and Git repositories in Sourcetree for macOS, allowing an attacker with commit permission to a linked repository to exploit argument and command injection bugs and gain code execution on the system. This can be triggered from a webpage using the Sourcetree URI handler from version 1.4.0 onwards. Recommendations: For Sourcetree for macOS versions 1.0b2 through 2.7.0, update to version 2.7.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Bamboo versions 2.7.0 through 6.1.5 Bamboo versions 6.2.0 through 6.2.4 **Description** The issue allows an attacker with specific permissions to execute code of their choice on systems running a vulnerable version of Bamboo Server. This can be achieved by creating a repository, editing a plan, or committing to a Mercurial repository used by a Bamboo plan with branch detection enabled, if the attacker has permission to use the repository. **Recommendations** For Bamboo versions 2.7.0 through 6.1.5, update to version 6.1.6 or later. For Bamboo versions 6.2.0 through 6.2.4, update to version 6.2.5 or later.

**Name of the Vulnerable Software and Affected Versions** Atlassian Fisheye and Crucible versions less than 4.4.3 Atlassian Fisheye and Crucible version 4.5.0 **Description** The issue allows for argument injection through filenames in Mercurial repositories, enabling attackers to execute arbitrary code on a system running the impacted software. **Recommendations** For versions less than 4.4.3, update to version 4.4.3 or later. For version 4.5.0, update to a version later than 4.5.0.

**Name of the Vulnerable Software and Affected Versions** Mercurial versions prior to 4.4.1 **Description** The issue is related to the execution of arbitrary code through a specially malformed repository. This can cause Git subrepositories to run arbitrary code in the form of a `.git/hooks/post-update` script checked into the repository. The typical use of Mercurial prevents the construction of such repositories, but they can be created programmatically. **Recommendations** For versions prior to 4.4.1, update to version 4.4.1 or later to resolve the issue. As a temporary workaround, consider restricting the creation of repositories to prevent the construction of specially malformed repositories that could exploit this issue.