Lucene search
K

22 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2017-1000115

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository CVE-2017-1000115...

7.5CVSS7AI score0.04815EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.31 views

Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2017-1218)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.9AI score0.05734EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2018/02/06 12:0 a.m.86 views

Debian: Security Advisory (DLA-1072-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.1AI score0.05734EPSS
Exploits1References3
OSV
OSV
added 2017/10/05 1:29 a.m.33 views

CVE-2017-1000115

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...

7.5CVSS6.8AI score
Exploits0References5
OpenVAS
OpenVAS
added 2017/10/05 12:0 a.m.73 views

Fedora Update for mercurial FEDORA-2017-fa1d8ad61a

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.9AI score0.05734EPSS
Exploits1References2
CVE
CVE
added 2017/10/04 1:0 a.m.150 views

CVE-2017-1000115

Mercurial prior to 4.3 is vulnerable due to incomplete symlink auditing, which could allow a malicious repository to write files outside the repository. Multiple connected reports confirm the issue (CVE-2017-1000115) and describe path auditing weaknesses that could enable out-of-tree modification...

7.5CVSS8.2AI score0.04815EPSS
Exploits1References5Affected Software1
AlpineLinux
AlpineLinux
added 2017/10/04 1:0 a.m.37 views

CVE-2017-1000115

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository...

7.5CVSS8.5AI score0.04815EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2017/09/29 12:0 a.m.32 views

Fedora 25 : mercurial (2017-fa1d8ad61a)

Security fix for CVE-2017-1000115, CVE-2017-1000116 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

10CVSS7AI score0.05734EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.34 views

EulerOS 2.0 SP2 : mercurial (EulerOS-SA-2017-1218)

According to the versions of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a serie...

10CVSS7.2AI score0.05734EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/09/11 12:0 a.m.44 views

EulerOS 2.0 SP1 : mercurial (EulerOS-SA-2017-1217)

According to the versions of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a serie...

10CVSS7.2AI score0.05734EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/09/05 12:0 a.m.45 views

Debian DSA-3963-1 : mercurial - security update

Several issues were discovered in Mercurial, a distributed revision control system. - CVE-2017-9462 fixed in stretch only Jonathan Claudius of Mozilla discovered that repositories served over stdio could be tricked into granting authorized users access to the Python debugger. - CVE-2017-1000115...

10CVSS7.2AI score0.21512EPSS
Exploits2References12
Debian
Debian
added 2017/09/04 7:5 a.m.42 views

[SECURITY] [DSA 3963-1] mercurial security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3963-1 [email protected] https://www.debian.org/security/ Sebastien Delafond September 04, 2017 https://www.debian.org/security/faq -...

10CVSS9.6AI score0.21512EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2017/09/01 12:0 a.m.34 views

CentOS 7 : mercurial (CESA-2017:2489)

An update for mercurial is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

10CVSS7AI score0.05734EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/09/01 12:0 a.m.33 views

Debian DLA-1072-1 : mercurial security update

Two significant vulnerabilities were found in the Mercurial version control system which could lead to shell injection attacks and out-of-tree file overwrite. CVE-2017-1000115 Mercurial's symlink auditing was incomplete prior to 4.3, and could be abused to write to files outside the repository...

10CVSS7.2AI score0.18892EPSS
Exploits3References4
Debian
Debian
added 2017/08/31 11:57 a.m.42 views

[SECURITY] [DLA 1072-1] mercurial security update

Package : mercurial Version : 2.2.2-4+deb7u5 CVE ID : CVE-2017-1000115 CVE-2017-1000116 Debian Bug : 871709 871710 Two significant vulnerabilities were found in the Mercurial version control system which could lead to shell injection attacks and out-of-tree file overwrite. CVE-2017-1000115...

10CVSS9.5AI score0.77823EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2017/08/30 12:0 a.m.32 views

Fedora 26 : mercurial (2017-f03b04acbb)

Security fix for CVE-2017-1000115, CVE-2017-1000116 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

10CVSS7AI score0.05734EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/08/22 12:0 a.m.42 views

Scientific Linux Security Update : mercurial on SL7.x x86_64 (20170817)

Security Fixes : - A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacker could abuse a repository with a series of commits mixing symlinks and regular files/directories to trick Mercurial into writing outside of a given repository. CVE-2017-10001...

10CVSS7.1AI score0.05734EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.25 views

RHEL 7 : mercurial (RHSA-2017:2489)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2489 advisory. Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. Securi...

10CVSS7.2AI score0.05734EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.29 views

openSUSE Security Update : mercurial (openSUSE-2017-941)

This update for mercurial fixes the following issues : Mercurial was updated to 4.2.3, a security fix update for - CVE-2017-1000115: Incomplete symlink auditing allowed writing to files outside of the repository boo1053344 - CVE-2017-1000116: Client-side code execution via argument injection in S...

10CVSS7.5AI score0.05734EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2017/08/18 12:0 a.m.32 views

Oracle Linux 7 : mercurial (ELSA-2017-2489)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-2489 advisory. 2.6.2-8 - Fix CVE-2017-1000115 and CVE-2017-1000116 Tenable has extracted the preceding description block directly from the Oracle Linux security...

10CVSS7.2AI score0.05734EPSS
Exploits1References3
Rows per page
Query Builder