5 matches found
Atlassian SourceTree 0.5.1.0 < 2.6.9 Remote Code Execution Vulnerabilities
The version of Atlassian SourceTree installed on the remote host is a version 0.5.1.0 prior to 2.6.9 . It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. C Tenable...
Sourcetree Remote Code Execution Exploit
Sourcetree suffers from multiple remote code execution vulnerabilities related to git submodules and argument injection. macOS versions 1.0b2 up to 2.7.6 and Windows versions 0.5.1.0 up to 2.6.10 are affected. Sourcetree Remote Code Execution Exploit CVE ID: CVE-2018-11235. CVE-2018-13385...
CVE-2018-13385
There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versions of Sourcetree...
CVE-2018-13385
Sourcetree for macOS is affected in versions 1.0b2 through before 2.7.6 by an argument injection vulnerability via filenames in Mercurial repositories. An attacker who can commit to a linked Mercurial repo can exploit this to gain code execution on the host. Root cause: unsafe handling of reposit...
CVE-2018-13385
There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versions of Sourcetree...