CVE-2008-2942 — Vulnetix

CVE-2008-2942 PUBLISHED

Reported by mitre · Published June 30, 2008

Directory traversal vulnerability in patch.py in Mercurial 1.0.1 allows user-assisted attackers to modify arbitrary files via ".." (dot dot) sequences in a patch file.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a, n/a, n/a

Timeline

Jun 30, 2008 CVE Published
Feb 4, 2022 EPSS Score
Mar 29, 2022 EPSS Score
May 20, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 3, 2022 EPSS Score
Dec 17, 2022 EPSS Score
Feb 8, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Apr 1, 2023 EPSS Score
May 24, 2023 EPSS Score
Jul 15, 2023 EPSS Score

References

x_refsource_CONFIRM
mercurial-patch-directory-traversal(43551) vdb-entryx_refsource_XF
30072 vdb-entryx_refsource_BID
x_refsource_CONFIRM
[oss-security] 20080630 CVE id request mercurial:Insufficient input validation mailing-listx_refsource_MLIST
SUSE-SR:2008:015 vendor-advisoryx_refsource_SUSE
x_refsource_CONFIRM
20080703 rPSA-2008-0211-1 mercurial mercurial-hgk mailing-listx_refsource_BUGTRAQ
GLSA-200807-09 vendor-advisoryx_refsource_GENTOO
[oss-security] 20080701 Re: CVE id request mercurial:Insufficient input validation mailing-listx_refsource_MLIST
31110 third-party-advisoryx_refsource_SECUNIA
31167 third-party-advisoryx_refsource_SECUNIA
31108 third-party-advisoryx_refsource_SECUNIA

Open in Interactive Console →