Mercurial Security Vulnerabilities and Issues — Mercurial CVE List

Lucene search

MercurialMercurial

3 matches found

CVE•added 2018/07/06 12:29 a.m.•84 views

CVE-2018-13347

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.

9.8CVSS8.9AI score0.00431EPSS

CVE•added 2018/07/06 12:29 a.m.•69 views

CVE-2018-13348

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.

7.5CVSS8.3AI score0.00145EPSS

CVE•added 2018/07/06 12:29 a.m.•66 views

CVE-2018-13346

The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004.

7.5CVSS8.3AI score0.00144EPSS