11 matches found
MGASA-2025-0120 Updated mercurial packages fix security vulnerability
Mercurial SCM Web Interface cross site scripting. CVE-2025-2361...
Updated mercurial packages fix security vulnerability
Mercurial SCM Web Interface cross site scripting. CVE-2025-2361...
Debian: Security Advisory (DSA-5883-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2019-0250 Updated mercurial packages fix security vulnerability
It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this vulnerability to write arbitrary files to the target’s filesystem CVE-2019-3902...
Updated mercurial packages fix security vulnerability
An out-of-bounds read during parsing of a malformed manifest entry CVE-2018-17983...
MGASA-2018-0442 Updated mercurial packages fix security vulnerability
An out-of-bounds read during parsing of a malformed manifest entry CVE-2018-17983...
MGASA-2018-0041 Updated mercurial packages fix security vulnerability
A specially malformed repository may have caused Git subrepositories to run arbitrary code CVE-2017-17458...
openSUSE Security Update : mercurial (openSUSE-2017-1388)
This update for mercurial fixes the following issue : - CVE-2017-17458: A specially malformed repository may have caused Git subrepositories to run arbitrary code bsc1071715 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
MGASA-2016-0172 Updated mercurial packages fix security vulnerability
This update fixes possible arbitrary code execution when converting Git repos. Mercurial prior to 3.8 allowed arbitrary code execution when using the convert extension on Git repos with hostile names. This could affect automated code conversion services that allow arbitrary repository names. This...
Slackware mercurial packet arbitrary code execution vulnerability (CNVD-2016-02025)
Slackware is an open source GNU/Linux operating system developed by software developer Patrick Volkerding. A security vulnerability exists in Slackware's mercurial packets. A remote attacker could exploit the vulnerability to execute arbitrary code...
MGASA-2015-0129 Updated mercurial packages fix CVE-2014-9462
Updated mercurial packages fix security vulnerability: The mercurial source code management system suffers from a code-injection flaw due to insufficient shell quoting in sshpeer.validaterepo CVE-2014-9462...