GHSA-3PMW-H7J4-RF54 Mercurial vulnerable to arbitrary command execution via a crafted repository name in a clone command
The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...