CVE-2008-2942

Опубликовано: 25 июн. 2008

Источник: redhat

Описание

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.

Ссылки на источники

Дополнительная информация

Статус:

Low

Дефект:

CWE-20

https://bugzilla.redhat.com/show_bug.cgi?id=453550mercurial: insufficient input validationn allowing file renames out of repository

Связанные уязвимости

CVE-2008-2942

ubuntu

больше 17 лет назад

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.

CVE-2008-2942

nvd

больше 17 лет назад

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.

CVE-2008-2942

debian

больше 17 лет назад

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allow ...

GHSA-v2gw-x5jf-pgwv

github

больше 3 лет назад

Mercurial Directory traversal vulnerability