CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2018-1000132 – mercurial: HTTP server permissions bypass
https://notcve.org/view.php?id=CVE-2018-1000132
14 Mar 2018 — Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1. Mercurial, en versiones 4.5 y anteriores, contiene una vulnerabilidad de control de acceso incorrecto (CWE-285) en el servidor de protocolo que puede resultar en el acceso a datos sin autorización. Este ataque parece ser explotable med... • https://access.redhat.com/errata/RHSA-2019:2276 • CWE-20: Improper Input Validation CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-1000112
https://notcve.org/view.php?id=CVE-2018-1000112
13 Mar 2018 — An improper authorization vulnerability exists in Jenkins Mercurial Plugin version 2.2 and earlier in MercurialStatus.java that allows an attacker with network access to obtain a list of nodes and users. Existe una vulnerabilidad de autorización incorrecta en el plugin Mercurial para Jenkins, en versiones 2.2 y anteriores, en MercurialStatus.java que permite que un atacante con acceso de red obtenga una lista de nodos y usuarios. • https://jenkins.io/security/advisory/2018-02-26/#SECURITY-726 • CWE-863: Incorrect Authorization •
CVSS: 10.0EPSS: 18%CPEs: 3EXPL: 0CVE-2017-17458 – SourceTree Remote Command Injection
https://notcve.org/view.php?id=CVE-2017-17458
07 Dec 2017 — In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically. En Mercurial, en versiones anteriores a la 4.4.1, es posible que un repositorio especialmente mal formado provoque que los subrepositorios Git ejecuten código arbitrario en la forma de un scrip... • http://www.securityfocus.com/bid/102926 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 2%CPEs: 13EXPL: 0CVE-2017-1000115 – Mercurial: pathaudit: path traversal via symlink
https://notcve.org/view.php?id=CVE-2017-1000115
11 Aug 2017 — Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository Las versiones anteriores a la 4.3 de Mercurial son vulnerables a una falta de comprobación de symlink. Los repositorios maliciosos pueden aprovecharse de esto para modificar archivos fuera del repositorio. A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a series of commits mixing s... • http://www.debian.org/security/2017/dsa-3963 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 10.0EPSS: 3%CPEs: 13EXPL: 0CVE-2017-1000116 – mercurial: command injection on clients through malicious ssh URLs
https://notcve.org/view.php?id=CVE-2017-1000116
11 Aug 2017 — Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. Las versiones anteriores a la 4.3 de Mercurial no sanitizaban adecuadamente los nombres de host pasados a ssh, lo que conducía a posibles ataques de inyección de shell. A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for examp... • http://www.debian.org/security/2017/dsa-3963 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 48%CPEs: 18EXPL: 0CVE-2017-9462 – mercurial: Python debugger accessible to authorized users
https://notcve.org/view.php?id=CVE-2017-9462
06 Jun 2017 — In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. En Mercurial, en versiones anteriores a la 4.1.3, \"hg serve --stdio\" permite que usuarios autenticados remotos inicien el depurador de Python y, como consecuencia, ejecuten código arbitrario utilizando --debugger como nombre del repositorio. A flaw was found in the way "hg serve --stdio" command in Mercurial handle... • http://www.debian.org/security/2017/dsa-3963 • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2016-3105 – Gentoo Linux Security Advisory 201612-19
https://notcve.org/view.php?id=CVE-2016-3105
03 May 2016 — The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name. La extensión convert en Mercurial en versiones anteriores a 3.8 podría permitir a atacantes dependientes de contexto ejecutar código arbitrario a través de un nombre de repositorio git manipulado. Blake Burkhart discovered an arbitrary code execution flaw in Mercurial, a distributed version control system, when using the convert extension on Git repositories with... • http://lists.opensuse.org/opensuse-updates/2016-05/msg00082.html • CWE-284: Improper Access Control •
CVSS: 8.8EPSS: 3%CPEs: 18EXPL: 0CVE-2016-3068 – mercurial: command injection via git subrepository urls
https://notcve.org/view.php?id=CVE-2016-3068
04 Apr 2016 — Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de una URL git ext:: manipulada cuando se clona un subrepositorio. It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbit... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 2%CPEs: 18EXPL: 0CVE-2016-3069 – mercurial: convert extension command injection via git repository names
https://notcve.org/view.php?id=CVE-2016-3069
04 Apr 2016 — Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de un nombre manipulado cuando se convierte un repositorio Git. It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code whe... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 8.8EPSS: 8%CPEs: 11EXPL: 0CVE-2016-3630 – Gentoo Linux Security Advisory 201612-19
https://notcve.org/view.php?id=CVE-2016-3630
04 Apr 2016 — The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. El decodificador delta binario en Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de un comando (1) clone, (2) push o (3) pull, relacionado con (a) un error de redondeo del tamaño de lista y (b) registros cortos. Multiple vulnerabilities ... • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html • CWE-19: Data Processing Errors •