VIR Vulnerability Intelligence Relay

Package impact

python PyPI / mercurial

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Published Description Impact
CVE-2017-1000116 critical 9.8 9.8 4y ago Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks. archsusedebianredhat+1
CVE-2017-17458 critical 9.8 9.8 4y ago In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the rep… susedebianpython