Описание
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
Ссылки
- Exploit
- Vendor Advisory
- Exploit
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Конфигурация 2Версия до 3.2.3 (включая)
cpe:2.3:a:mercurial:mercurial:*:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01289
Низкий
7.5 High
CVSS2
Дефекты
CWE-20
Связанные уязвимости
ubuntu
почти 11 лет назад
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
redhat
около 11 лет назад
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
debian
почти 11 лет назад
The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows ...
EPSS
Процентиль: 79%
0.01289
Низкий
7.5 High
CVSS2
Дефекты
CWE-20