Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-9462 | 2 Mercurial, Opensuse | 2 Mercurial, Opensuse | 2018-10-30 | 7.5 HIGH | N/A |
| The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. | |||||
| CVE-2008-4297 | 1 Mercurial | 1 Mercurial | 2018-10-11 | 5.0 MEDIUM | N/A |
| Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request. | |||||
| CVE-2008-2942 | 1 Mercurial | 1 Mercurial | 2018-10-11 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. | |||||