Skip to main content

Sourcetree

8 CVEs product

Monthly

CVE-2024-21697 HIGH This Week

This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian RCE Microsoft Sourcetree
NVD
CVSS 3.1
8.8
EPSS
0.7%
CVE-2019-11582 HIGH This Week

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian Microsoft RCE Sourcetree
NVD
CVSS 3.0
8.8
EPSS
4.9%
CVE-2018-13397 HIGH This Week

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Sourcetree
NVD
CVSS 3.0
8.8
EPSS
2.1%
CVE-2018-13396 HIGH This Week

There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Apple Sourcetree
NVD
CVSS 3.0
8.8
EPSS
1.9%
CVE-2018-13386 HIGH This Week

There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft RCE Sourcetree
NVD
CVSS 3.0
8.1
EPSS
1.6%
CVE-2018-13385 CRITICAL Act Now

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Sourcetree
NVD
CVSS 3.0
9.8
EPSS
2.2%
CVE-2018-5226 HIGH This Week

There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Sourcetree
NVD
CVSS 3.0
8.8
EPSS
1.5%
CVE-2017-8768 CRITICAL Act Now

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian Command Injection Sourcetree
NVD
CVSS 3.0
9.8
EPSS
8.0%
EPSS 1% CVSS 8.8
HIGH This Week

This High severity RCE (Remote Code Execution) vulnerability was introduced in versions 4.2.8 of Sourcetree for Mac and 3.4.19 for Sourcetree for Windows. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian RCE Microsoft +1
NVD
EPSS 5% CVSS 8.8
HIGH This Week

An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all versions prior to 3.1.3, allows remote attackers to gain remote code execution through the use of a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian Microsoft RCE +1
NVD
EPSS 2% CVSS 8.8
HIGH This Week

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Sourcetree
NVD
EPSS 2% CVSS 8.8
HIGH This Week

There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Apple Sourcetree
NVD
EPSS 2% CVSS 8.1
HIGH This Week

There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Microsoft RCE Sourcetree
NVD
EPSS 2% CVSS 9.8
CRITICAL Act Now

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Apple Sourcetree
NVD
EPSS 1% CVSS 8.8
HIGH This Week

There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Sourcetree
NVD
EPSS 8% CVSS 9.8
CRITICAL Act Now

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Atlassian Command Injection Sourcetree
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy