VDB
GCVE-110-MAGEIA-2016-172
GCVE-110-MAGEIA-2016-172
Advisory Published
This update fixes possible arbitrary code execution when converting Git
repos. Mercurial prior to 3.8 allowed arbitrary code execution when using
the convert extension on Git repos with hostile names. This could affect
automated code conversion services that allow arbitrary repository names.
This is a further side-effect of Git CVE-2015-7545. Reported and fixed by
Blake Burkhart.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | mercurial | 3.1.1-5.2.mga5 (unaffected), 0 (affected) | — |
Aliases
Browse GCVE Records
72,921 records in the GCVE database · Updated July 15, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.