—
PYSEC-2026-666
Mercurial Directory traversal vulnerability
상세
Directory traversal vulnerability in patch.py in Mercurial before 1.0.2 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.
이 버전이 영향받나요?
사용 중인 패키지 버전을 입력하면 즉시 평가합니다.
영향 패키지
참고
- https://nvd.nist.gov/vuln/detail/CVE-2008-2942 [ADVISORY]
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43551 [WEB]
- https://github.com/dscho/hg [PACKAGE]
- https://issues.rpath.com/browse/RPL-2633 [WEB]
- http://lists.opensuse.org/opensuse-security-announce/2008-07/msg00006.html [WEB]
- http://secunia.com/advisories/31108 [WEB]
- http://secunia.com/advisories/31110 [WEB]
- http://secunia.com/advisories/31167 [WEB]
- http://security.gentoo.org/glsa/glsa-200807-09.xml [WEB]
- http://wiki.rpath.com/Advisories:rPSA-2008-0211 [WEB]
- http://www.openwall.com/lists/oss-security/2008/06/30/1 [WEB]
- http://www.openwall.com/lists/oss-security/2008/07/01/1 [WEB]
- http://www.securityfocus.com/archive/1/493881/100/0/threaded [WEB]
- http://www.securityfocus.com/bid/30072 [WEB]
- http://www.selenic.com/hg/rev/87c704ac92d4 [WEB]
- https://pypi.org/project/mercurial [PACKAGE]
- https://github.com/advisories/GHSA-v2gw-x5jf-pgwv [ADVISORY]