Unrated severityNVD Advisory· Published Nov 5, 2018· Updated Sep 16, 2024

CVE-2018-13397

Description

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.

Affected products

Atlassian/Sourcetree for Windowscpe-rescue
Range: 0.5.1.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

jira.atlassian.com/browse/SRCTREEWIN-9077mitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000