Remote Code Execution via Git and Mercurial - (CVE-2017-1000117, CVE-2017-1000115, CVE-2017-1000116)

XMLWordPrintable

    • Severity 1 - Critical

      SourceTree for macOS is affected by vulnerabilities found in the Git and Mercurial software. This vulnerability can be triggered through a malicious repository when it is checked out using SourceTree. From version 1.4.0 of SourceTree for macOS this vulnerability can be triggered from a webpage through the use of the SourceTree URI handler.

      Affected versions:

      • Versions of SourceTree for macOS starting with 1.0b2 before version 2.6.1 are affected by this vulnerability.

      Fix:

      For additional details see the full advisory.

              Assignee:
              Unassigned
              Reporter:
              Matt Hart (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

                Created:
                Updated:
                Resolved: