Atlassian SourceTree 0.5a < 3.0.17 Multiple remote code execution vulnerabilities

The version of Atlassian SourceTree installed on the remote Windows host is version 0.5a prior to 3.0.17. It is, therefore, affected by multiple remote code execution vulnerabilities. - An option injection vulnerability exists in the git submodule component. An unauthenticated, remote attacker ca...

CVE-2018-20234

There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain...

CVE-2018-20234

CVE-2018-20234 affects Atlassian Sourcetree for macOS (versions before 3.1.1). The vulnerability is an argument injection in the Mercurial repository component via filenames, which an attacker with commit access to a linked Mercurial repo can exploit to gain code execution on the system. The conn...

Argument Injection via Mercurial hooks in Sourcetree for macOS - CVE-2018-20234

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Affected versions:...