Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mercurial mercurial vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-9390
Git prior to 1.8.5.6, 1.9.x prior to 1.9.5, 2.0.x prior to 2.0.5, 2.1.x prior to 2.1.4, and 2.2.x prior to 2.2.1 on Windows and OS X; Mercurial prior to 3.2.3 on Windows and OS X; Apple Xcode prior to 6.2 beta 3; mine all versions prior to 08-12-2014; libgit2 all versions up to 0...
Git-scm Git
Mercurial Mercurial
Apple Xcode
Apple Xcode 6.2
Eclipse Egit
Eclipse Jgit
Libgit2 Libgit2
2 Metasploit modules
4 Github repositories
5.9
CVSSv3
CVE-2010-4237
Mercurial prior to 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
Mercurial Mercurial
5.9
CVSSv3
CVE-2019-3902
A flaw was found in Mercurial prior to 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
Mercurial Mercurial
Redhat Enterprise Linux 7.0
Debian Debian Linux 8.0
8.8
CVSSv3
CVE-2018-20234
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2 before version 3.1.1 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit t...
Atlassian Sourcetree
8.8
CVSSv3
CVE-2018-20235
There was an argument injection vulnerability in Atlassian Sourcetree for Windows from version 0.5a before version 3.0.15 via filenames in Mercurial repositories. A remote attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exp...
Atlassian Sourcetree
8.8
CVSSv3
CVE-2018-13396
There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this ...
Atlassian Sourcetree 1.0
Atlassian Sourcetree
8.8
CVSSv3
CVE-2018-13397
There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit...
Atlassian Sourcetree
9.1
CVSSv3
CVE-2018-17983
cext/manifest.c in Mercurial prior to 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
Mercurial Mercurial
9.8
CVSSv3
CVE-2018-13385
There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versio...
Atlassian Sourcetree
Atlassian Sourcetree 1.0
8.1
CVSSv3
CVE-2018-13386
There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. Ve...
Atlassian Sourcetree
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »