Critical severity9.1NVD Advisory· Published Oct 4, 2018· Updated Jun 17, 2026
CVE-2018-17983
CVE-2018-17983
Description
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
mercurialPyPI | < 4.7.2 | 4.7.2 |
Affected products
3- ghsa-coords3 versionspkg:pypi/mercurialpkg:rpm/opensuse/mercurial&distro=openSUSE%20Tumbleweedpkg:rpm/suse/mercurial&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015
< 4.7.2+ 2 more
- (no CPE)range: < 4.7.2
- (no CPE)range: < 5.9.1-2.1
- (no CPE)range: < 4.5.2-3.6.1
Patches
Vulnerability mechanics
References
5- www.mercurial-scm.org/repo/hg/rev/5405cb1a7901nvdPatchWEB
- github.com/advisories/GHSA-p575-cf9h-wv42ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-17983ghsaADVISORY
- github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2018-91.yamlghsaWEB
- www.mercurial-scm.org/wiki/WhatsNewnvdRelease NotesWEB
News mentions
0No linked articles in our index yet.