Vendor: Mercurial
Products: 1 (11 CVEs)
CVEs: 11 (11 across products)
Status: Private

Recent CVEs (11)

| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-17458 | Critical | 0.65 | 9.8 | 0.17 | | Dec 7, 2017 | In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically. |
| CVE-2017-1000116 | Critical | 0.64 | 9.8 | 0.06 | | Oct 5, 2017 | Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. |
| CVE-2017-9462 | High | 0.64 | 8.8 | 0.49 | | Jun 6, 2017 | In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. |
| CVE-2016-3630 | High | 0.58 | 8.8 | 0.05 | | Apr 13, 2016 | The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. |
| CVE-2016-3068 | High | 0.58 | 8.8 | 0.05 | | Apr 13, 2016 | Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. |
| CVE-2017-1000115 | High | 0.49 | 7.5 | 0.02 | | Oct 5, 2017 | Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can allow malicious repositories to modify files outside the repository. |
| CVE-2010-4237 | | 0.00 | — | 0.00 | | Oct 29, 2019 | Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates, which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack. |
| CVE-2019-3902 | | 0.00 | — | 0.01 | | Apr 22, 2019 | A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository. |
| CVE-2014-9462 | | 0.00 | — | 0.01 | | Mar 31, 2015 | The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. |
| CVE-2008-4297 | | 0.00 | — | 0.01 | | Sep 27, 2008 | Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request. |
| CVE-2008-2942 | | 0.00 | — | 0.01 | | Jun 30, 2008 | Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. |