27 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-3902
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside ...
RHEL 8 : mercurial (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mercurial: Path-checking logic bypass via symlinks and subrepositories CVE-2019-3902 Note that Nessus has not teste...
Ubuntu 16.04 ESM : Mercurial vulnerabilities (USN-5102-2)
The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-2 advisory. USN-5102-1 fixed vulnerabilities in Mercurial. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...
BELL-CVE-2019-3902 CVE-2019-3902 does not affect BellSoft software
Bulletin has no description...
USN-5102-1: Mercurial vulnerabilities | Cloud Foundry
Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in Mercurial. CVEs contained in this USN include: CVE-2018-17983, CVE-2019-3902. Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted...
Ubuntu: Security Advisory (USN-5102-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
USN-5102-1: Mercurial vulnerabilities
It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...
Ubuntu 18.04 LTS : Mercurial vulnerabilities (USN-5102-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-1 advisory. It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the targets...
Advisory ROSA-SA-2021-1918
Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...
SUSE: Security Advisory (SUSE-SU-2020:1709-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2020:1709-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE-SU-2020:3003-1 Security update for mercurial
This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035...
Debian DLA-2293-1 : mercurial security update
Several vulnerabilities were discovered in mercurial, an easy-to-use, scalable distributed version control system. CVE-2017-17458 In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a...
Debian: Security Advisory (DLA-2293-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : mercurial (openSUSE-2020-869)
This update for mercurial fixes the following issues : Security issue fixed : - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and packa...
openSUSE Security Update : mercurial (openSUSE-2020-880)
This update for mercurial fixes the following issues : Security issue fixed : - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and packa...
SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2020:1709-2)
This update for mercurial fixes the following issues : Security issue fixed : CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2020:1709-1)
This update for mercurial fixes the following issues : Security issue fixed : CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
openSUSE: Security Advisory for mercurial (openSUSE-SU-2020:0880-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
OPENSUSE-SU-2020:0880-1 Security update for mercurial
This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. This update was imported from the SUSE:SLE-15:Update update project...