CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Mercurial » Mercurial » * * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:mercurial:mercurial:*:*:*:*:*:*:*:*
Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2019-3902 59 2019-04-22 2020-07-31
5.8
None Remote Medium Not required None Partial Partial
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
2 CVE-2018-1000132 732 2018-03-14 2020-07-31
6.4
None Remote Low Not required Partial Partial None
Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.
3 CVE-2018-17983 125 2018-10-04 2018-12-13
6.4
None Remote Low Not required Partial None Partial
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
4 CVE-2018-13348 20 2018-07-06 2020-07-31
5.0
None Remote Low Not required None Partial None
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
5 CVE-2018-13347 190 2018-07-06 2020-07-31
7.5
None Remote Low Not required Partial Partial Partial
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
6 CVE-2018-13346 20 2018-07-06 2020-07-31
5.0
None Remote Low Not required None Partial None
The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004.
7 CVE-2017-1000116 78 2017-10-05 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
8 CVE-2017-1000115 59 2017-10-05 2019-05-10
5.0
None Remote Low Not required None Partial None
Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
9 CVE-2017-17458 78 2017-12-07 2020-07-31
10.0
None Remote Low Not required Complete Complete Complete
In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.
10 CVE-2017-9462 732 Exec Code 2017-06-06 2020-02-05
9.0
None Remote Low ??? Complete Complete Complete
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
11 CVE-2016-3630 19 Exec Code 2016-04-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
12 CVE-2016-3105 284 Exec Code 2016-05-09 2017-07-01
6.8
None Remote Medium Not required Partial Partial Partial
The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.
13 CVE-2016-3069 20 Exec Code 2016-04-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
14 CVE-2016-3068 20 Exec Code 2016-04-13 2018-10-30
6.8
None Remote Medium Not required Partial Partial Partial
Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
15 CVE-2014-9462 20 Exec Code 2015-03-31 2018-10-30
7.5
None Remote Low Not required Partial Partial Partial
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
16 CVE-2010-4237 295 2019-10-29 2019-10-31
4.3
None Remote Medium Not required None Partial None
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
17 CVE-2008-4297 264 2008-09-27 2018-10-11
5.0
None Remote Low Not required Partial None None
Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request.
Total number of vulnerabilities : 17   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.