PT-2019-10028 · Mercurial+1 · Mercurial+1
Erin Jensby
·
Publicado
2019-03-08
·
Atualizado
2019-10-03
·
CVE-2018-20235
CVSS v2.0
9.0
Alta
| Vetor | AV:N/AC:L/Au:S/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Atlassian Sourcetree for Windows versions 0.5a through 3.0.14
Description:
The issue allows a remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows to exploit an argument injection vulnerability via filenames in Mercurial repositories, potentially gaining code execution on the system.
Recommendations:
For Atlassian Sourcetree for Windows versions 0.5a through 3.0.14, update to version 3.0.15 or later to resolve the issue.
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Sourcetree For Windows
Mercurial