-
Bug
-
Resolution: Fixed
-
Highest
-
2.6.9
-
None
-
Severity 1 - Critical
There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.
For additional details, see the full advisory
- is related to
-
SRCTREE-5985 Remote Code Execution in Sourcetree for macOS, via Mercurial repo with Git subrepo - CVE-2018-13396
- Closed