Vulnerabilities > Mercurial > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-10-29 | CVE-2010-4237 | Improper Certificate Validation vulnerability in Mercurial Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack. | 5.9 |
| 2019-04-22 | CVE-2019-3902 | Link Following vulnerability in multiple products A flaw was found in Mercurial before 4.9. | 5.9 |