Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistAtlassianCVELIST:CVE-2017-14593
HistoryJan 24, 2018 - 12:00 a.m.

CVE-2017-14593

2018-01-2400:00:00
atlassian
www.cve.org

9.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.2%

JSON

Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of Sourcetree for Windows, this vulnerability can be triggered from a webpage through the use of the Sourcetree URI handler. Versions of Sourcetree for Windows starting with 0.5.1.0 before version 2.4.7.0 are affected by this vulnerability

CNA Affected

[
  {
    "product": "Sourcetree for Windows",
    "vendor": "Atlassian",
    "versions": [
      {
        "status": "affected",
        "version": "Versions starting with 0.5.1.0 before version 2.4.7.0"
      }
    ]
  }
]

Related

cve 1
prion 1
nvd 1
nessus 1
atlassian 2
cve
cve
CVE-2017-14593
2018-01-26 02:29:02
prion
prion
Command injection
2018-01-26 02:29:00
nvd
nvd
CVE-2017-14593
2018-01-26 02:29:02
nessus
nessus
Atlassian SourceTree 0.5.1.0 < 2.4.7.0 Multiple Vulnerabilities
2018-02-16 00:00:00
atlassian
atlassian
Git LFS: Arbitrary command execution in repositories with Git LFS enabled - CVE-2017-17831
2017-12-21 05:04:52
Git LFS: Arbitrary command execution in repositories with Git LFS enabled - CVE-2017-17831
2017-12-21 05:04:52

9.9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

66.2%

JSON
Related for CVELIST:CVE-2017-14593
cve1prion1nvd1nessus1atlassian2