Unrated severityNVD Advisory· Published Mar 8, 2019· Updated Sep 16, 2024
CVE-2018-20234
CVE-2018-20234
Description
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=1.2, <3.1.1
- Atlassian/Sourcetree for macOSv5Range: 1.2
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.htmlmitrex_refsource_MISC
- www.securityfocus.com/bid/107414mitrevdb-entryx_refsource_BID
- jira.atlassian.com/browse/SRCTREE-6391mitrex_refsource_CONFIRM
- seclists.org/bugtraq/2019/Mar/30mitremailing-listx_refsource_BUGTRAQ
News mentions
0No linked articles in our index yet.