Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2018-20236

Published: 08/03/2019 Updated: 03/10/2019
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Sourcetree

Vulnerability Summary

There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. A remote attacker could send a malicious URI to a victim using Sourcetree for Windows to exploit this issue to gain code execution on the system.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

atlassian sourcetree

References

CWE-77https://jira.atlassian.com/browse/SRCTREEWIN-11291http://www.securityfocus.com/bid/107401https://seclists.org/bugtraq/2019/Mar/30http://packetstormsecurity.com/files/152173/Sourcetree-Git-Arbitrary-Code-Execution-URL-Handling.htmlhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook