Back to search
CVE-2008-2942
Published: Jun 30, 2008
Modified: Aug 7, 2024
PUBLISHED
Description
Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.selenic.com/hg/rev/87c704ac92d4
x_refsource_CONFIRM
mercurial-patch-directory-traversal(43551)
vdb-entry
x_refsource_XF
30072
vdb-entry
x_refsource_BID
https://issues.rpath.com/browse/RPL-2633
x_refsource_CONFIRM
[oss-security] 20080630 CVE id request mercurial:Insufficient input validation
mailing-list
x_refsource_MLIST
SUSE-SR:2008:015
vendor-advisory
x_refsource_SUSE
http://wiki.rpath.com/Advisories:rPSA-2008-0211
x_refsource_CONFIRM
20080703 rPSA-2008-0211-1 mercurial mercurial-hgk
mailing-list
x_refsource_BUGTRAQ
GLSA-200807-09
vendor-advisory
x_refsource_GENTOO
[oss-security] 20080701 Re: CVE id request mercurial:Insufficient input validation
mailing-list
x_refsource_MLIST
31110
third-party-advisory
x_refsource_SECUNIA
31167
third-party-advisory
x_refsource_SECUNIA
31108
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now