Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2014-9462

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone...

7.5CVSS7.2AI score0.04199EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 7 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - The...

9.8CVSS8.8AI score0.06331EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2022/05/26 12:0 a.m.48 views

EulerOS 2.0 SP3 : mercurial (EulerOS-SA-2022-1747)

According to the versions of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository...

8.8CVSS7.5AI score0.04832EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2022/05/25 12:0 a.m.13 views

Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2022-1747)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.3AI score0.04832EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/03/21 12:0 a.m.16 views

Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2022-1331)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS8.3AI score0.04832EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.16 views

Mageia: Security Advisory (MGASA-2015-0129)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.04199EPSS
Exploits1References5
Rosalinux
Rosalinux
added 2021/07/02 5:29 p.m.34 views

Advisory ROSA-SA-2021-1918

Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...

10CVSS8.2AI score0.06331EPSS
Exploits1
Debian
Debian
added 2015/06/04 7:24 a.m.84 views

[SECURITY] [DLA 237-1] mercurial security update

Package : mercurial Version : 1.6.4-1+deb6u1 CVE ID : CVE-2014-9390 CVE-2014-9462 CVE-2014-9462 Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command...

9.8CVSS7.2AI score0.63178EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2015/05/12 12:0 a.m.30 views

Debian DSA-3257-1 : mercurial - security update

Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this...

9.8CVSS7.3AI score0.63178EPSS
Exploits6References6
Debian
Debian
added 2015/05/11 8:5 p.m.35 views

[SECURITY] [DSA 3257-1] mercurial security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3257-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 11, 2015 http://www.debian.org/security/faq -...

7.5CVSS1.8AI score0.63178EPSS
Exploits6
Debian
Debian
added 2015/05/11 8:5 p.m.36 views

[SECURITY] [DSA 3257-1] mercurial security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3257-1 [email protected] http://www.debian.org/security/ Salvatore Bonaccorso May 11, 2015 http://www.debian.org/security/faq -...

9.8CVSS9.4AI score0.63178EPSS
Exploits6
OSV
OSV
added 2015/04/03 1:11 p.m.8 views

MGASA-2015-0129 Updated mercurial packages fix CVE-2014-9462

Updated mercurial packages fix security vulnerability: The mercurial source code management system suffers from a code-injection flaw due to insufficient shell quoting in sshpeer.validaterepo CVE-2014-9462...

7.5CVSS9.4AI score0.04199EPSS
Exploits1References4
NVD
NVD
added 2015/03/31 2:59 p.m.15 views

CVE-2014-9462

The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...

7.5CVSS9.7AI score0.04199EPSS
Exploits1References7
UbuntuCve
UbuntuCve
added 2015/03/31 2:59 p.m.32 views

CVE-2014-9462

The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...

7.5CVSS7.2AI score0.04199EPSS
Exploits1References3
OSV
OSV
added 2015/03/31 2:59 p.m.5 views

UBUNTU-CVE-2014-9462

The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...

7.5CVSS7.2AI score0.04199EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2015/03/31 2:0 p.m.26 views

CVE-2014-9462

The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command...

7.5CVSS9.2AI score0.04199EPSS
Exploits1
CVE
CVE
added 2015/03/31 2:0 p.m.84 views

CVE-2014-9462

CVE-2014-9462 affects Mercurial prior to 3.2.4, via the _validaterepo function in sshpeer, allowing remote attackers to execute arbitrary commands in a clone operation by crafting the repository name. Impact: remote command execution with partial confidentiality/integrity/availability implication...

7.5CVSS9.2AI score0.04199EPSS
Exploits1References7Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/03/30 12:0 a.m.34 views

openSUSE Security Update : mercurial (openSUSE-2015-268)

mercurial was updated to fix a command Injection via sshpeer.validaterepo CVE-2014-9462, bnc923070. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update openSUSE-2015-268. The text description of...

7.5CVSS7AI score0.04199EPSS
Exploits1References2
OSV
OSV
added 2015/03/23 5:10 p.m.6 views

SUSE-SU-2015:0817-1 Security update for mercurial

mercurial was updated to fix a potential command injection via sshpeer.validaterepo CVE-2014-9462 Security Issues: CVE-2014-9462...

7.5CVSS9.6AI score0.04199EPSS
Exploits1References3
Rows per page
Query Builder