Page 4 of 24 results (0.008 seconds)

CVSS: 9.0EPSS: 2%CPEs: 18EXPL: 0

CVE-2017-9462 – mercurial: Python debugger accessible to authorized users

https://notcve.org/view.php?id=CVE-2017-9462

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. En Mercurial, en versiones anteriores a la 4.1.3, \"hg serve --stdio\" permite que usuarios autenticados remotos inicien el depurador de Python y, como consecuencia, ejecuten código arbitrario utilizando --debugger como nombre del repositorio. A flaw was found in the way "hg serve --stdio" command in Mercurial handled command-line options. A remote, authenticated attacker could use this flaw to execute arbitrary code on the Mercurial server by using specially crafted command-line options. • http://www.debian.org/security/2017/dsa-3963 http://www.securityfocus.com/bid/99123 https://access.redhat.com/errata/RHSA-2017:1576 https://bugs.debian.org/861243 https://lists.debian.org/debian-lts-announce/2018/07/msg00005.html https://security.gentoo.org/glsa/201709-18 https://www.mercurial-scm.org/repo/hg/rev/77eaf9539499 https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.1.3_.282017-4-18.29 https://access.redhat.com/security/cve/CVE-2017-9462 https: • CWE-284: Improper Access Control CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0

CVE-2016-3105

https://notcve.org/view.php?id=CVE-2016-3105

The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name. La extensión convert en Mercurial en versiones anteriores a 3.8 podría permitir a atacantes dependientes de contexto ejecutar código arbitrario a través de un nombre de repositorio git manipulado. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00082.html http://www.debian.org/security/2016/dsa-3570 http://www.securityfocus.com/bid/90536 http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.533255 https://security.gentoo.org/glsa/201612-19 https://selenic.com/hg/rev/a56296f55a5e https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.8_.2F_3.8.1_.282016-5-1.29 • CWE-284: Improper Access Control •

CVSS: 8.8EPSS: 3%CPEs: 11EXPL: 0

CVE-2016-3630

https://notcve.org/view.php?id=CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. El decodificador delta binario en Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de un comando (1) clone, (2) push o (3) pull, relacionado con (a) un error de redondeo del tamaño de lista y (b) registros cortos. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html http://www.debian.org/security/2016/dsa-3542 http • CWE-19: Data Processing Errors •

CVSS: 8.8EPSS: 5%CPEs: 18EXPL: 0

CVE-2016-3068 – mercurial: command injection via git subrepository urls

https://notcve.org/view.php?id=CVE-2016-3068

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de una URL git ext:: manipulada cuando se clona un subrepositorio. It was discovered that Mercurial failed to properly check Git sub-repository URLs. A Mercurial repository that includes a Git sub-repository with a specially crafted URL could cause Mercurial to execute arbitrary code. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html http://rhn.redhat.com/errata/RHSA-2016-0706.html&# • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 8.8EPSS: 4%CPEs: 18EXPL: 0

CVE-2016-3069 – mercurial: convert extension command injection via git repository names

https://notcve.org/view.php?id=CVE-2016-3069

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. Mercurial en versiones anteriores a 3.7.3 permite a atacantes remotos ejecutar código arbitrario a través de un nombre manipulado cuando se convierte un repositorio Git. It was discovered that the Mercurial convert extension failed to sanitize special characters in Git repository names. A Git repository with a specially crafted name could cause Mercurial to execute arbitrary code when the Git repository was converted to a Mercurial repository. • http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html http://rhn.redhat.com/errata/RHSA-2016-0706.html&# • CWE-20: Improper Input Validation CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •