Loading...

XML

Word

Printable

Details

Type: Bug
Resolution: Fixed
Priority: Highest
Fix Version/s: 2.5.1
Affects Version/s: 1.4.0
Component/s: None
Labels:

Symptom Severity:
Severity 1 - Critical

Description

SourceTree for Mac is affected by a command injection vulnerability in URI handling. The vulnerability can be triggered through a browser or the SourceTree interface.

Affected versions:

Versions of SourceTree for Mac starting with 1.4.0 before version 2.5.1 are affected by this vulnerability.

Fix:

Upgrade SourceTree for Mac to version 2.5.1 or higher from https://www.sourcetreeapp.com/

Acknowledgements
We would like to credit Yu Hong for reporting this issue to us.

For additional details see the full advisory.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending
- Thumbnails
- List

Screen Shot 2017-05-11 at 6.21.24 PM.png
521 kB
12/May/2017 1:22 AM

Activity

People

Assignee:: Unassigned

Reporter:: alexmin (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 12 Start watching this issue

Dates

Created:: 08/May/2017 5:13 AM

Updated:: 06/Oct/2019 11:15 AM

Resolved:: 09/May/2017 5:50 AM