Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
This Medium severity ACE (Arbitrary Code Execution) vulnerability was introduced in version 4.2.8 of Sourcetree for Mac. This ACE (Arbitrary Code Execution) vulnerability, with a CVSS Score of 5.9, allows a locally authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires user interaction. Atlassian recommends that Sourcetree for Mac users upgrade to the latest version. If you are unable to do so, upgrade your instance to one of the specified supported fixed versions. See the release notes https://www.sourcetreeapp.com/download-archives . You can download the latest version of Sourcetree for Mac from the download center https://www.sourcetreeapp.com/download-archives . This vulnerability was found through the Atlassian Bug Bounty Program by Karol Mazurek (AFINE).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Atlassian Sourcetree for Mac 安全漏洞
Vulnerability Description
Atlassian Sourcetree for Mac是澳大利亚Atlassian公司的一款版本控制系统的图形用户界面工具。 Atlassian Sourcetree for Mac4.2.8版本存在安全漏洞,该漏洞源于本地攻击者可在运行该程序的用户上下文下执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A