Описание
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | ignored | end of life |
| bionic | released | 4.5.3-1ubuntu2.1 |
| cosmic | not-affected | 4.6.1-1ubuntu1 |
| devel | not-affected | 4.6.1-1ubuntu1 |
| esm-apps/bionic | released | 4.5.3-1ubuntu2.1 |
| esm-apps/xenial | released | 3.7.3-1ubuntu1.1 |
| esm-infra-legacy/trusty | released | 2.8.2-1ubuntu1.4 |
| precise/esm | DNE | |
| trusty | released | 2.8.2-1ubuntu1.4 |
| trusty/esm | released | 2.8.2-1ubuntu1.4 |
Показывать по
EPSS
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 misha ...
Mercurial Improper Input Validation vulnerability
Уязвимость функции mpatch_decode программного средства управления версиями Mercuria, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
5 Medium
CVSS2
7.5 High
CVSS3