CVE-2018-13397 is a vulnerability in Atlassian Sourcetree
Published on November 5, 2018

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.

NVD

Products Associated with CVE-2018-13397

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2018-13397 are published in Atlassian Sourcetree:

Atlassian Sourcetree

Affected Versions

Atlassian Sourcetree for Windows:

Version 0.5.1.0 and below unspecified is affected.
Version unspecified and below 3.0.0 is affected.

Exploit Probability

EPSS

0.95%

Percentile

76.08%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

CVE-2018-13397 is a vulnerability in Atlassian SourcetreePublished on November 5, 2018

Products Associated with CVE-2018-13397

Affected Versions

Exploit Probability

CVE-2018-13397 is a vulnerability in Atlassian Sourcetree
Published on November 5, 2018