Lucene search
K

19 matches found

Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.23 views

RHEL 7 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - mercurial: arbitrary command execution in mercurial repo with a git submodule CVE-2017-17458 - The...

9.8CVSS8.8AI score0.06331EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.15 views

Debian: Security Advisory (DLA-1224-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.06331EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.19 views

Mageia: Security Advisory (MGASA-2018-0041)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.06331EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2021/07/02 5:29 p.m.34 views

Advisory ROSA-SA-2021-1918

Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...

10CVSS8.2AI score0.06331EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/05/03 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2021-1816)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.6AI score0.06331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/24 12:0 a.m.36 views

EulerOS 2.0 SP2 : mercurial (EulerOS-SA-2020-2367)

According to the version of the mercurial package installed, the EulerOS installation on the remote host is affected by the following vulnerability : - In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form o...

10CVSS7.6AI score0.06331EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/11/04 12:0 a.m.18 views

Huawei EulerOS: Security Advisory for mercurial (EulerOS-SA-2020-2367)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS9.7AI score0.06331EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/08/03 12:0 a.m.41 views

Debian DLA-2293-1 : mercurial security update

Several vulnerabilities were discovered in mercurial, an easy-to-use, scalable distributed version control system. CVE-2017-17458 In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a...

10CVSS7.5AI score0.06331EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2020/08/01 12:0 a.m.21 views

Debian: Security Advisory (DLA-2293-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.06331EPSS
Exploits0References4
Debian
Debian
added 2018/07/27 6:52 p.m.24 views

[SECURITY] [DLA 1414-2] mercurial regression update

Package : mercurial Version : 3.1.2-2+deb8u6 CVE ID : CVE-2017-17458 The fix for arbitrary code execution documented in CVE-2017-17458 was incomplete in the previous upload. A more exhaustive change was implemented upstream and completely disables non-Mercurial subrepositories unless users change...

10CVSS7.3AI score0.06331EPSS
Exploits0
OpenVAS
OpenVAS
added 2018/07/09 12:0 a.m.30 views

Debian: Security Advisory (DLA-1414-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS8.8AI score0.21512EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2018/07/06 12:0 a.m.46 views

Debian DLA-1414-2 : mercurial regression update

The fix for arbitrary code execution documented in CVE-2017-17458 was incomplete in the previous upload. A more exhaustive change was implemented upstream and completely disables non-Mercurial subrepositories unless users changed the subrepos.allowed setting. For Debian 8 'Jessie', this problem h...

10CVSS7.9AI score0.06331EPSS
Exploits0References3
OSV
OSV
added 2018/01/17 9:45 p.m.11 views

SUSE-SU-2018:0127-1 Security update for mercurial

This update for mercurial fixes the following issues: - CVE-2017-17458: In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of...

10CVSS9.4AI score0.06331EPSS
Exploits0References3
OSV
OSV
added 2018/01/17 9:44 p.m.5 views

SUSE-SU-2018:0129-1 Security update for mercurial

This update for mercurial fixes the following issues: - CVE-2017-17458: In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of...

10CVSS9.4AI score0.06331EPSS
Exploits0References3
OSV
OSV
added 2018/01/03 2:22 p.m.9 views

MGASA-2018-0041 Updated mercurial packages fix security vulnerability

A specially malformed repository may have caused Git subrepositories to run arbitrary code CVE-2017-17458...

10CVSS9.6AI score0.06331EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2017/12/18 12:0 a.m.43 views

openSUSE Security Update : mercurial (openSUSE-2017-1388)

This update for mercurial fixes the following issue : - CVE-2017-17458: A specially malformed repository may have caused Git subrepositories to run arbitrary code bsc1071715 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...

10CVSS7.4AI score0.06331EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2017/12/07 6:29 p.m.30 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

10CVSS7AI score0.06331EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/12/07 6:0 p.m.22 views

CVE-2017-17458

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be...

9.2AI score0.06331EPSS
Exploits0References9
CVE
CVE
added 2017/12/07 6:0 p.m.109 views

CVE-2017-17458

CVE-2017-17458 affects Mercurial prior to 4.4.1. A specially malformed repository can cause Git subrepositories to execute arbitrary code via a checked-in .git/hooks/post-update script. This condition can occur despite typical Mercurial usage preventing such repositories, though they can be creat...

10CVSS9AI score0.06331EPSS
Exploits0References9Affected Software1
Rows per page
Query Builder