Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the sourcetree:// scheme. It will lead to arbitrary OS command execution with a URL substring of sourcetree://cloneRepo/ext:: or sourcetree://checkoutRef/ext:: followed by the command. The Atlassian ID number is SRCTREE-4632.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian SourceTree 命令注入漏洞
Vulnerability Description
Atlassian SourceTree是澳大利亚Atlassian公司一款免费的Git和Mercurial客户端工具,能够利用可视化界面管理存储库。 Atlassian SourceTree 2.5c及之前的版本中的sourcetree:// scheme处理过程存在命令注入漏洞。攻击者可利用该漏洞执行任意的操作系统命令。
CVSS Information
N/A
Vulnerability Type
N/A