2 matches found
Linux Distros Unpatched Vulnerability : CVE-2010-4237
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate...
CVE-2010-4237
Mercurial prior to version 1.6.4 is affected: it does not verify the Common Name in SSL certificates, enabling a man‑in‑the‑middle attack when an attacker possesses a CA‑signed certificate. The issue is tied to the CN SSL verification logic in Mercurial up to 1.6.4. Affected product: Mercurial (c...