PT-2025-30703 · Atlassian · Sourcetree For Mac
Karol Mazurek
·
Published
2025-07-24
·
Updated
2025-07-30
·
CVE-2025-22165
CVSS v3.1
7.3
High
| Vector | AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Sourcetree for Mac versions 4.2.8 and later
Description
This is an arbitrary code execution issue that allows a locally authenticated attacker to execute arbitrary code. The issue has a high impact on confidentiality, integrity, and availability, and requires user interaction.
Recommendations
Upgrade to the latest version of Sourcetree for Mac.
If upgrading to the latest version is not possible, upgrade to a supported fixed version.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Sourcetree For Mac