vulnerability

Debian: CVE-2017-1000115: mercurial -- security update

Severity

CVSS

(AV:N/AC:L/Au:N/C:N/I:P/A:N)

Published

Sep 4, 2017

Added

Dec 4, 2017

Modified

Mar 30, 2026

Description

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository

debian-upgrade-mercurial

Rapid7 Labs

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.