Page 2 of 19 results (0.009 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001. La función mpatch_decode en mpatch.c en Mercurial en versiones anteriores a la 4.6.1 gestiona de manera incorrecta ciertas situaciones en las que debería haber, al menos, 12 bytes sobrantes tras la posición actual en los datos del parche, pero en realidad no los hay. Esto también se conoce como OVE-20180430-0001. • https://lists.debian.org/debian-lts-announce/2020/07/msg00032.html https://www.mercurial-scm.org/repo/hg/rev/90a274965de7 https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29 • CWE-20: Improper Input Validation •

CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0

Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1. Mercurial, en versiones 4.5 y anteriores, contiene una vulnerabilidad de control de acceso incorrecto (CWE-285) en el servidor de protocolo que puede resultar en el acceso a datos sin autorización. Este ataque parece ser explotable mediante conectividad de red. • https://access.redhat.com/errata/RHSA-2019:2276 https://lists.debian.org/debian-lts-announce/2018/03/msg00034.html https://lists.debian.org/debian-lts-announce/2018/07/msg00005.html https://lists.debian.org/debian-lts-announce/2020/07/msg00032.html https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.5.1_.2F_4.5.2_.282018-03-06.29 https://access.redhat.com/security/cve/CVE-2018-1000132 https://bugzilla.redhat.com/show_bug.cgi?id=1553265 • CWE-20: Improper Input Validation CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically. En Mercurial, en versiones anteriores a la 4.4.1, es posible que un repositorio especialmente mal formado provoque que los subrepositorios Git ejecuten código arbitrario en la forma de un script .git/hooks/post-update verificado en el repositorio. El uso habitual de Mercurial evita la construcción de tales repositorios, pero pueden crearse programáticamente. • http://www.securityfocus.com/bid/102926 https://bz.mercurial-scm.org/show_bug.cgi?id=5730 https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2018-01-24-942834324.html https://lists.debian.org/debian-lts-announce/2017/12/msg00027.html https://lists.debian.org/debian-lts-announce/2018/07/msg00005.html https://lists.debian.org/debian-lts-announce/2018/07/msg00041.html https://lists.debian.org/debian-lts-announce/2020/07/msg00032.html https://www.mercurial-scm.org&#x • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 10.0EPSS: 0%CPEs: 13EXPL: 0

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. Las versiones anteriores a la 4.3 de Mercurial no sanitizaban adecuadamente los nombres de host pasados a ssh, lo que conducía a posibles ataques de inyección de shell. A shell command injection flaw related to the handling of "ssh" URLs has been discovered in Mercurial. This can be exploited to execute shell commands with the privileges of the user running the Mercurial client, for example, when performing a "checkout" or "update" action on a sub-repository within a malicious repository or a legitimate repository containing a malicious commit. • http://www.debian.org/security/2017/dsa-3963 http://www.securityfocus.com/bid/100290 https://access.redhat.com/errata/RHSA-2017:2489 https://security.gentoo.org/glsa/201709-18 https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29 https://access.redhat.com/security/cve/CVE-2017-1000116 https://bugzilla.redhat.com/show_bug.cgi?id=1479915 • CWE-20: Improper Input Validation CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •

CVSS: 7.5EPSS: 1%CPEs: 13EXPL: 0

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository Las versiones anteriores a la 4.3 de Mercurial son vulnerables a una falta de comprobación de symlink. Los repositorios maliciosos pueden aprovecharse de esto para modificar archivos fuera del repositorio. A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a series of commits mixing symlinks and regular files/directories to trick Mercurial into writing outside of a given repository. • http://www.debian.org/security/2017/dsa-3963 http://www.securityfocus.com/bid/100290 https://access.redhat.com/errata/RHSA-2017:2489 https://security.gentoo.org/glsa/201709-18 https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29 https://access.redhat.com/security/cve/CVE-2017-1000115 https://bugzilla.redhat.com/show_bug.cgi?id=1480330 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-59: Improper Link Resolution Before File Access ('Link Following') •