Mercurial Security Vulnerabilities and Issues — Mercurial CVE List

Lucene search

MercurialMercurial

4 matches found

CVE•added 2016/04/13 4:59 p.m.•76 views

CVE-2016-3068

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

8.8CVSS8.7AI score0.02848EPSS

CVE•added 2016/04/13 4:59 p.m.•75 views

CVE-2016-3069

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.

8.8CVSS8.7AI score0.0221EPSS

CVE•added 2016/04/13 4:59 p.m.•71 views

CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.

8.8CVSS8.7AI score0.05192EPSS

CVE•added 2016/05/09 8:59 p.m.•56 views

CVE-2016-3105

The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.

8.8CVSS8.6AI score0.00555EPSS