Описание
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.6.4-1 |
| hardy | ignored | end of life |
| lucid | ignored | end of life |
| natty | not-affected | 1.6.4-1 |
| oneiric | not-affected | 1.6.4-1 |
| precise | not-affected | 1.6.4-1 |
| quantal | not-affected | 1.6.4-1 |
| raring | not-affected | 1.6.4-1 |
| saucy | not-affected | 1.6.4-1 |
| upstream | released | 1.6.4 |
Показывать по
Ссылки на источники
4.3 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
Mercurial before 1.6.4 fails to verify the Common Name field of SSL ce ...
Mercurial Improper Certificate Validation vulnerability
4.3 Medium
CVSS2
5.9 Medium
CVSS3