We couldn't load all Actvitity tabs. Refresh the page to try again.
If the problem persists, contact your Jira admin.
IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
Uploaded image for project: 'Sourcetree for Windows'
  1. Sourcetree for Windows
  2. SRCTREEWIN-11289

Argument Injection via Mercurial hooks in Sourcetree for Windows - CVE-2018-20235

    • Severity 1 - Critical

      There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.

      Affected versions:

      • Versions of Sourcetree for Windows before version 3.0.15 are affected by this vulnerability

      Fix:

      For additional details, see the full advisory: https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2019-03-06-966678691.html

            Loading...
            IMPORTANT: JAC is a Public system and anyone on the internet will be able to view the data in the created JAC tickets. Please don’t include Customer or Sensitive data in the JAC ticket.
            Uploaded image for project: 'Sourcetree for Windows'
            1. Sourcetree for Windows
            2. SRCTREEWIN-11289

            Argument Injection via Mercurial hooks in Sourcetree for Windows - CVE-2018-20235

              • Severity 1 - Critical

                There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.

                Affected versions:

                • Versions of Sourcetree for Windows before version 3.0.15 are affected by this vulnerability

                Fix:

                For additional details, see the full advisory: https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2019-03-06-966678691.html

                        Unassigned Unassigned
                        ejensby Erin Jensby
                        Votes:
                        0 Vote for this issue
                        Watchers:
                        2 Start watching this issue

                          Created:
                          Updated:
                          Resolved:

                            Unassigned Unassigned
                            ejensby Erin Jensby
                            Affected customers:
                            0 This affects my team
                            Watchers:
                            2 Start watching this issue

                              Created:
                              Updated:
                              Resolved: