EUVD-2017-0071

Malware in sbrugna...

GHSA-3PMW-H7J4-RF54 Mercurial vulnerable to arbitrary command execution via a crafted repository name in a clone command

The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...

Ubuntu 18.04 LTS : Mercurial vulnerabilities (USN-5102-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-1 advisory. It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the targets...

USN-5102-2 mercurial vulnerabilities

USN-5102-1 fixed vulnerabilities in Mercurial. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to...

SUSE-SU-2020:1709-2 Security update for mercurial

This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035...

CVE-2014-9390

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before...

SUSE-SU-2017:2250-1 Security update for mercurial

This update for mercurial fixes the following issues: - CVE-2017-1000115: path traversal via symlink could lead to unauthorized access bsc1053344 - CVE-2017-1000116: argument injection in SSH URLs could lead to client-side code execution bsc1052696...