Sourcetree Security Vulnerabilities and Issues — Sourcetree CVE List

Lucene search

AtlassianSourcetree

7 matches found

CVE•added 2018/07/24 1:29 p.m.•184 views

CVE-2018-13385

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versions of Sourcetree fo...

9.8CVSS9.6AI score0.00452EPSS

CVE•added 2018/07/24 1:29 p.m.•134 views

CVE-2018-13386

There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. Versions of Sourcetre...

8.1CVSS9.3AI score0.00457EPSS

CVE•added 2018/04/25 9:29 p.m.•114 views

CVE-2018-5226

There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the s...

8.8CVSS8.9AI score0.00556EPSS

CVE•added 2018/11/05 10:29 p.m.•75 views

CVE-2018-13396

There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code ...

9CVSS8.8AI score0.01052EPSS

CVE•added 2018/01/26 2:29 a.m.•69 views

CVE-2017-14593

Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. From version 0.8.4b of Sourcetr...

9CVSS9.8AI score0.02245EPSS

CVE•added 2018/11/05 10:29 p.m.•57 views

CVE-2018-13397

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain...

9CVSS9AI score0.00954EPSS

CVE•added 2018/01/26 2:29 a.m.•42 views

CVE-2017-14592

Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit to a repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. From version 1.4.0 of Sourcetree fo...

9CVSS9.7AI score0.02245EPSS