Download
| Alert*
[3.5] mercurial: Multiples vulnerabilities (CVE-2017-9462, CVE-2017-1000115, CVE-2017-1000116)
CVE-2017-9462: Python debugger accessible to authorized users In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
|