Lucene search
RedhatCVELIST:CVE-2019-3902HistoryApr 22, 2019 - 3:29 p.m.
CVE-2019-3902
2019-04-2215:29:13
CWE-22
redhat
www.cve.org
1
5.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.2%
A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial’s path-checking logic and write files outside a repository.
CNA Affected
[
{
"product": "mercurial",
"vendor": "The Mercurial Project",
"versions": [
{
"status": "affected",
"version": "before 4.9"
}
]
}
]Related
openvas
openvas
Ubuntu: Security Advisory (USN-4086-1)
2019-08-07 00:00:00
Mageia: Security Advisory (MGASA-2019-0250)
2022-01-28 00:00:00
openSUSE: Security Advisory for mercurial (openSUSE-SU-2020:0880-1)
2020-06-28 00:00:00
nessus
nessus
Photon OS 1.0: Mercurial PHSA-2019-1.0-0235
2019-05-28 00:00:00
Debian DLA-1764-1 : mercurial security update
2019-04-26 00:00:00
RHEL 8 : mercurial (Unpatched Vulnerability)
2024-06-03 00:00:00
debiancve
debiancve
CVE-2019-3902
2019-04-22 16:29:01
cve
cve
CVE-2019-3902
2019-04-22 16:29:01
osv
osv
CVE-2019-3902
2019-04-22 16:29:01
mercurial - security update
2019-04-25 00:00:00
PYSEC-2019-188
2019-04-22 16:29:00
ubuntucve
ubuntucve
CVE-2019-3902
2019-04-22 00:00:00
alpinelinux
alpinelinux
CVE-2019-3902
2019-04-22 16:29:01
redhatcve
redhatcve
CVE-2019-3902
2019-04-18 17:19:51
mageia
mageia
Updated mercurial packages fix security vulnerability
2019-09-07 00:09:08
nvd
nvd
CVE-2019-3902
2019-04-22 16:29:01
github
github
Mercurial Path Traversal/Link Following vulnerability
2022-02-15 01:13:11
veracode
veracode
Arbitrary File Write
2019-04-23 08:10:52
prion
prion
Design/Logic Flaw
2019-04-22 16:29:00
suse
suse
Security update for mercurial (low)
2020-06-27 00:00:00
Security update for mercurial (low)
2020-06-26 00:00:00
debian
debian
[SECURITY] [DLA 1764-1] mercurial security update
2019-04-25 17:31:46
[SECURITY] [DLA 2293-1] mercurial security update
2020-07-31 11:06:17
ubuntu
ubuntu
Mercurial vulnerability
2019-08-06 00:00:00
Mercurial vulnerabilities
2021-10-04 00:00:00
Mercurial vulnerabilities
2021-03-16 00:00:00
cloudfoundry
cloudfoundry
USN-5102-1: Mercurial vulnerabilities | Cloud Foundry
2021-10-28 00:00:00
photon
photon
rosalinux
rosalinux
Advisory ROSA-SA-2021-1918
2021-07-02 17:29:24
5.1 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
5.8 Medium
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
61.2%
Related for CVELIST:CVE-2019-3902