Atlassian

Sourcetree

15 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.3

CVE-2025-22165

  • EPSS 0.03%
  • Veröffentlicht 24.07.2025 23:15:26
  • Zuletzt bearbeitet 30.07.2025 13:05:24

This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE (Arbitrary Code Execution) vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute ...

8.8

CVE-2024-21697

  • EPSS 0.62%
  • Veröffentlicht 19.11.2024 19:15:07
  • Zuletzt bearbeitet 11.02.2025 21:24:33

This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.8, allows an unauthen...

7.8

CVE-2023-22514

  • EPSS 0.75%
  • Veröffentlicht 16.01.2024 18:15:09
  • Zuletzt bearbeitet 12.05.2025 16:15:19

This High severity RCE (Remote Code Execution) vulnerability was introduced in version 3.4.14 of Sourcetree for Mac and Sourcetree for Windows. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 7.8, and a CVSS Vector of: CVSS...

9.3

CVE-2019-11582

  • EPSS 1.88%
  • Veröffentlicht 14.06.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:21:23

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI.

9

CVE-2018-20234

  • EPSS 4.39%
  • Veröffentlicht 08.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:08

There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree ...

9

CVE-2018-20235

  • EPSS 5.74%
  • Veröffentlicht 08.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:08

There was an argument injection vulnerability in Atlassian Sourcetree for Windows from version 0.5a before version 3.0.15 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcet...

9.3

CVE-2018-20236

  • EPSS 2.5%
  • Veröffentlicht 08.03.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:08

There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. A remote attacker could send a malicious URI to a victim using Sourcetree for Windows to exploit this issue to gain code ...

9

CVE-2018-13396

  • EPSS 1.05%
  • Veröffentlicht 05.11.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:47:01

There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for ...

9

CVE-2018-13397

  • EPSS 0.95%
  • Veröffentlicht 05.11.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:47:01

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree ...

9.8

CVE-2018-13385

  • EPSS 0.45%
  • Veröffentlicht 24.07.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:47:00

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code e...