Our vulnerability detection agent has detected OpenSSL 1.1.1.14 in Sourcetree 3.4.18 (located in git_local\mingw32\bin\openssl.exe and git_local\bin\openssl.exe) which is flagging 5 high vulnerabilities (and a whole host of lower ones) such as CVE-2023-0286, CVE-2023-0215, and CVE-2023-4807.
Is there a way to update this manually, or is there a plan to update this in the product?
Welcome to the Atlassian Community @atateEvtz !
I know it has been sometime since you posted this question. I hope by now it is already fixed. If not how can we help you?
Best,
Hi,
I'm fairly sure I fixed this by updating Git for Windows as that turned out to be the issue rather than sourctree
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.