Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2018-1000132

Опубликовано: 08 мар. 2018
Источник: redhat
CVSS3: 6.5

Описание

Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 6mercurialWill not fix
Red Hat Enterprise Linux 8mercurialNot affected
Red Hat Enterprise Linux 7mercurialFixedRHSA-2019:227606.08.2019

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-20
https://bugzilla.redhat.com/show_bug.cgi?id=1553265mercurial: HTTP server permissions bypass

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2018-1000132

CVSS3: 9.1
ubuntu
почти 8 лет назад

Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.

nvd логотип

CVE-2018-1000132

CVSS3: 9.1
nvd
почти 8 лет назад

Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.

debian логотип

CVE-2018-1000132

CVSS3: 9.1
debian
почти 8 лет назад

Mercurial version 4.5 and earlier contains a Incorrect Access Control ...

suse-cvrf логотип

openSUSE-SU-2018:0917-1

suse-cvrf
почти 8 лет назад

Security update for mercurial

suse-cvrf логотип

SUSE-SU-2018:0933-1

suse-cvrf
почти 8 лет назад

Security update for mercurial

6.5 Medium

CVSS3