mercurial vulnerabilities

Continuously find & fix vulnerabilities like these in your dependencies. Test and protect your applications

Direct Vulnerabilities

Known vulnerabilities in the mercurial package. This does not include vulnerabilities belonging to this package’s dependencies.

Report new vulnerabilities
Vulnerability Vulnerable versions Snyk patch Published
  • M
Link Following
<4.0-1+deb9u2 Not available 20 Apr, 2019
  • L
Out-of-bounds Read
* Not available 04 Oct, 2018
  • H
Improper Input Validation
<4.0-1+deb9u2 Not available 11 Jul, 2018
  • H
Integer Overflow or Wraparound
<4.0-1+deb9u2 Not available 11 Jul, 2018
  • H
Improper Input Validation
<4.0-1+deb9u2 Not available 11 Jul, 2018
  • L
Improper Certificate Validation
<1.6.4-1 Not available 27 Jun, 2018
  • H
Improper Input Validation
<3.1.2-2 Not available 27 Jun, 2018
  • H
Incorrect Permission Assignment for Critical Resource
<4.0-1+deb9u2 Not available 14 Mar, 2018
  • H
OS Command Injection
<4.0-1+deb9u2 Not available 07 Dec, 2017
  • H
Link Following
<4.0-1+deb9u1 Not available 05 Oct, 2017
  • H
OS Command Injection
<4.0-1+deb9u1 Not available 05 Oct, 2017
  • H
Incorrect Permission Assignment for Critical Resource
<4.0-1+deb9u1 Not available 06 Jun, 2017
  • H
Improper Access Control
<3.8.1-1 Not available 09 May, 2016
  • H
Improper Input Validation
<3.7.3-1 Not available 13 Apr, 2016
  • H
Improper Input Validation
<3.7.3-1 Not available 13 Apr, 2016
  • H
Improper Data Handling
<3.7.3-1 Not available 13 Apr, 2016
  • H
Improper Input Validation
<3.4-1 Not available 31 Mar, 2015
  • L
Access Restriction Bypass
<1.0.1-5.1 Not available 27 Sep, 2008
  • L
Directory Traversal
<1.0.1-2 Not available 30 Jun, 2008