Sourcetree Security Vulnerabilities and Issues — Sourcetree CVE List

Lucene search

AtlassianSourcetree

9 matches found

CVE•added 2019/06/14 2:29 p.m.•643 views

CVE-2019-11582

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI.

9.3CVSS9AI score0.01879EPSS

CVE•added 2018/07/24 1:29 p.m.•184 views

CVE-2018-13385

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versions of Sourcetree fo...

9.8CVSS9.6AI score0.00452EPSS

CVE•added 2018/11/05 10:29 p.m.•75 views

CVE-2018-13396

There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code ...

9CVSS8.8AI score0.01052EPSS

CVE•added 2019/03/08 6:29 p.m.•71 views

CVE-2018-20235

There was an argument injection vulnerability in Atlassian Sourcetree for Windows from version 0.5a before version 3.0.15 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to ...

9CVSS9AI score0.05737EPSS

CVE•added 2019/03/08 6:29 p.m.•71 views

CVE-2018-20236

There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. A remote attacker could send a malicious URI to a victim using Sourcetree for Windows to exploit this issue to gain code execution on the system.

9.3CVSS9.1AI score0.02498EPSS

CVE•added 2018/01/26 2:29 a.m.•69 views

CVE-2017-14593

Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of Sourcetr...

9CVSS9.8AI score0.02245EPSS

CVE•added 2019/03/08 6:29 p.m.•65 views

CVE-2018-20234

There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain c...

9CVSS8.8AI score0.04385EPSS

CVE•added 2018/11/05 10:29 p.m.•57 views

CVE-2018-13397

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain...

9CVSS9AI score0.00954EPSS

CVE•added 2018/01/26 2:29 a.m.•42 views

CVE-2017-14592

Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree fo...

9CVSS9.7AI score0.02245EPSS