Lucene search
K

27 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2019-3902

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside ...

5.9CVSS6.1AI score0.01413EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/03 12:0 a.m.22 views

RHEL 8 : mercurial (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - mercurial: Path-checking logic bypass via symlinks and subrepositories CVE-2019-3902 Note that Nessus has not teste...

5.9CVSS7AI score0.01413EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2023/10/20 12:0 a.m.34 views

Ubuntu 16.04 ESM : Mercurial vulnerabilities (USN-5102-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-2 advisory. USN-5102-1 fixed vulnerabilities in Mercurial. This update provides the corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Tenable has...

9.1CVSS6.8AI score0.02033EPSS
Exploits0References3
OSV
OSV
added 2023/08/31 12:15 p.m.1 views

BELL-CVE-2019-3902 CVE-2019-3902 does not affect BellSoft software

Bulletin has no description...

5.9CVSS5.8AI score0.01413EPSS
Exploits0References1
Cloud Foundry
Cloud Foundry
added 2021/10/28 12:0 a.m.30 views

USN-5102-1: Mercurial vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in Mercurial. CVEs contained in this USN include: CVE-2018-17983, CVE-2019-3902. Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted...

9.1CVSS7.4AI score0.02033EPSS
Exploits0Affected Software2
OpenVAS
OpenVAS
added 2021/10/05 12:0 a.m.22 views

Ubuntu: Security Advisory (USN-5102-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS6.7AI score0.02033EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2021/10/04 5:25 p.m.114 views

USN-5102-1: Mercurial vulnerabilities

It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the target’s filesystem. CVE-2019-3902 It was discovered that Mercurial incorrectly handled certain manifest files. An attacker could use this issue to cause a...

9.1CVSS6.9AI score0.02033EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2021/10/04 12:0 a.m.30 views

Ubuntu 18.04 LTS : Mercurial vulnerabilities (USN-5102-1)

The remote Ubuntu 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-5102-1 advisory. It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this issue to write arbitrary files to the targets...

9.1CVSS7.3AI score0.02033EPSS
Exploits0References3
Rosalinux
Rosalinux
added 2021/07/02 5:29 p.m.34 views

Advisory ROSA-SA-2021-1918

Software: mercurial 2.6.2 OS: Cobalt 7.9 CVE-ID: CVE-2014-9462 CVE-Crit: CRITICAL CVE-DESC: The validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via the created repository name in the clone command. CVE-STATUS: default CVE-REV: defau...

10CVSS8.2AI score0.06331EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.15 views

SUSE: Security Advisory (SUSE-SU-2020:1709-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.14 views

SUSE: Security Advisory (SUSE-SU-2020:1709-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
OSV
OSV
added 2020/10/22 2:14 p.m.8 views

SUSE-SU-2020:3003-1 Security update for mercurial

This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035...

5.9CVSS6AI score0.01413EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/08/03 12:0 a.m.41 views

Debian DLA-2293-1 : mercurial security update

Several vulnerabilities were discovered in mercurial, an easy-to-use, scalable distributed version control system. CVE-2017-17458 In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a...

10CVSS7.5AI score0.06331EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2020/08/01 12:0 a.m.21 views

Debian: Security Advisory (DLA-2293-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

10CVSS7.8AI score0.06331EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.28 views

openSUSE Security Update : mercurial (openSUSE-2020-869)

This update for mercurial fixes the following issues : Security issue fixed : - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and packa...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/20 12:0 a.m.32 views

openSUSE Security Update : mercurial (openSUSE-2020-880)

This update for mercurial fixes the following issues : Security issue fixed : - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. This update was imported from the SUSE:SLE-15:Update update project. C Tenable Network Security, Inc. The descriptive text and packa...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/07/16 12:0 a.m.30 views

SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2020:1709-2)

This update for mercurial fixes the following issues : Security issue fixed : CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

5.9CVSS6.3AI score0.01413EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2020/07/09 12:0 a.m.36 views

SUSE SLED15 / SLES15 Security Update : mercurial (SUSE-SU-2020:1709-1)

This update for mercurial fixes the following issues : Security issue fixed : CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

5.9CVSS6.3AI score0.01413EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2020/06/28 12:0 a.m.26 views

openSUSE: Security Advisory for mercurial (openSUSE-SU-2020:0880-1)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

5.9CVSS6.2AI score0.01413EPSS
Exploits0References2
OSV
OSV
added 2020/06/27 8:16 a.m.4 views

OPENSUSE-SU-2020:0880-1 Security update for mercurial

This update for mercurial fixes the following issues: Security issue fixed: - CVE-2019-3902: Fixed incorrect patch-checking with symlinks and subrepos bsc1133035. This update was imported from the SUSE:SLE-15:Update update project...

5.9CVSS7.4AI score0.01413EPSS
Exploits0References3
Rows per page
Query Builder