Atlassian: >> Sourcetree >> 3.1 Security Vulnerabilities
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a crafted URI.
CVSS Score
8.8
EPSS Score
0.019
Published
2019-06-14
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system.
CVSS Score
8.8
EPSS Score
0.044
Published
2019-03-08