Vulnerabilities > Mercurial > Mercurial > 4.5.1
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-04-22 | CVE-2019-3902 | Link Following vulnerability in multiple products A flaw was found in Mercurial before 4.9. | 5.8 |
2018-10-04 | CVE-2018-17983 | Out-of-bounds Read vulnerability in Mercurial cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry. | 6.4 |
2018-07-06 | CVE-2018-13348 | Improper Input Validation vulnerability in Mercurial The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001. | 5.0 |
2018-07-06 | CVE-2018-13347 | Integer Overflow or Wraparound vulnerability in Mercurial mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002. | 7.5 |
2018-07-06 | CVE-2018-13346 | Improper Input Validation vulnerability in Mercurial The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004. | 5.0 |