Vulnerabilities > Mercurial > Mercurial
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-10-05 | CVE-2017-1000115 | Link Following vulnerability in multiple products Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository | 5.0 |
| 2017-06-06 | CVE-2017-9462 | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | 9.0 |
| 2016-05-09 | CVE-2016-3105 | Improper Access Control vulnerability in multiple products The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name. | 6.8 |
| 2016-04-13 | CVE-2016-3630 | Data Processing Errors vulnerability in multiple products The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records. | 8.8 |
| 2016-04-13 | CVE-2016-3069 | Improper Input Validation vulnerability in multiple products Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository. | 6.8 |
| 2016-04-13 | CVE-2016-3068 | Improper Input Validation vulnerability in multiple products Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository. | 6.8 |
| 2015-03-31 | CVE-2014-9462 | Improper Input Validation vulnerability in multiple products The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command. | 7.5 |
| 2008-09-27 | CVE-2008-4297 | Permissions, Privileges, and Access Controls vulnerability in Mercurial Mercurial before 1.0.2 does not enforce the allowpull permission setting for a pull operation from hgweb, which allows remote attackers to read arbitrary files from a repository via an "hg pull" request. | 5.0 |
| 2008-06-30 | CVE-2008-2942 | Path Traversal vulnerability in Mercurial 1.0.1 Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file. | 6.8 |