SecPod SCAP Repo, a repository of SCAP Content (CVE, CCE, CPE, CWE, OVAL and XCCDF)

[Forgot Password]

Sample Queries

Paid content will be excluded from the download.

Download | Alert*

OVAL

DSA-3257-1 mercurial -- mercurial

ID: oval:org.secpod.oval:def:602086	Date: (C)2015-05-27 (M)2021-09-11
Class: PATCH	Family: unix

Jesse Hertz of Matasano Security discovered that Mercurial, a distributed version control system, is prone to a command injection vulnerability via a crafted repository name in a clone command.

Platform:

Debian 8.x

Debian 7.x

Product:

mercurial

Reference:

CVE-2014-9390
CVE-2014-9462

CPE 4

cpe:/a:mercurial:mercurial
cpe:/o:debian:debian_linux:7.x
cpe:/o:debian:debian_linux:8.x
cpe:/a:mercurial:mercurial:3.2.3
...


30479



423868



248149



909



194803



282