Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/mercurial@1.6.4-1%2Bdeb6u1
Typedeb
Namespacedebian
Namemercurial
Version1.6.4-1+deb6u1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version4.8.2-1+deb10u1
Latest_non_vulnerable_version4.8.2-1+deb10u1
Affected_by_vulnerabilities
0
url VCID-16q8-up17-hkd7
vulnerability_id VCID-16q8-up17-hkd7
summary Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2016-0706.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0706.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3069.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3069.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3069
reference_id
reference_type
scores
0
value 0.0283
scoring_system epss
scoring_elements 0.86449
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3069
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2016-27.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2016-27.yaml
13
reference_url https://security.gentoo.org/glsa/201612-19
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-19
14
reference_url https://selenic.com/repo/hg-stable/rev/197eed39e3d5
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/197eed39e3d5
15
reference_url https://selenic.com/repo/hg-stable/rev/80cac1de6aea
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/80cac1de6aea
16
reference_url https://selenic.com/repo/hg-stable/rev/ae279d4a19e9
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/ae279d4a19e9
17
reference_url https://selenic.com/repo/hg-stable/rev/b732e7f2aba4
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/b732e7f2aba4
18
reference_url https://selenic.com/repo/hg-stable/rev/cdda7b96afff
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/cdda7b96afff
19
reference_url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
20
reference_url http://www.debian.org/security/2016/dsa-3542
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3542
21
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
22
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
23
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1320155
reference_id 1320155
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1320155
24
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819504
reference_id 819504
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819504
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3069
reference_id CVE-2016-3069
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3069
26
reference_url https://github.com/advisories/GHSA-8fm8-7365-5rh2
reference_id GHSA-8fm8-7365-5rh2
reference_type
scores
url https://github.com/advisories/GHSA-8fm8-7365-5rh2
27
reference_url https://access.redhat.com/errata/RHSA-2016:0706
reference_id RHSA-2016:0706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0706
fixed_packages
0
url pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
purl pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-dybb-af3z-zbce
2
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@2.2.2-4%252Bdeb7u2
aliases CVE-2016-3069, GHSA-8fm8-7365-5rh2, PYSEC-2016-27
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-16q8-up17-hkd7
1
url VCID-2996-7bgv-eqdv
vulnerability_id VCID-2996-7bgv-eqdv
summary The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
references
0
reference_url http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://chargen.matasano.com/chargen/2015/3/17/this-new-vulnerability-mercurial-command-injection-cve-2014-9462.html
1
reference_url http://lists.opensuse.org/opensuse-updates/2015-03/msg00085.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-updates/2015-03/msg00085.html
2
reference_url http://mercurial.selenic.com/wiki/WhatsNew
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://mercurial.selenic.com/wiki/WhatsNew
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9462.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-9462.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-9462
reference_id
reference_type
scores
0
value 0.01129
scoring_system epss
scoring_elements 0.78651
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-9462
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9462
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9462
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2015-14.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2015-14.yaml
7
reference_url https://security.gentoo.org/glsa/201612-19
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-19
8
reference_url http://www.debian.org/security/2015/dsa-3257
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2015/dsa-3257
9
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html
10
reference_url http://www.osvdb.org/119816
reference_id
reference_type
scores
url http://www.osvdb.org/119816
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1204807
reference_id 1204807
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1204807
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783237
reference_id 783237
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=783237
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-9462
reference_id CVE-2014-9462
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-9462
14
reference_url https://github.com/advisories/GHSA-3pmw-h7j4-rf54
reference_id GHSA-3pmw-h7j4-rf54
reference_type
scores
url https://github.com/advisories/GHSA-3pmw-h7j4-rf54
fixed_packages
0
url pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
purl pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-dybb-af3z-zbce
2
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@2.2.2-4%252Bdeb7u2
aliases CVE-2014-9462, GHSA-3pmw-h7j4-rf54, PYSEC-2015-14
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2996-7bgv-eqdv
2
url VCID-71pc-96mg-ufbt
vulnerability_id VCID-71pc-96mg-ufbt
summary multiple issues
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2489
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2489
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000115.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000115.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000115
reference_id
reference_type
scores
0
value 0.02142
scoring_system epss
scoring_elements 0.84531
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000115
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2017-88.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2017-88.yaml
6
reference_url https://security.gentoo.org/glsa/201709-18
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201709-18
7
reference_url https://web.archive.org/web/20200227155758/http://www.securityfocus.com/bid/100290
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227155758/http://www.securityfocus.com/bid/100290
8
reference_url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29
9
reference_url http://www.debian.org/security/2017/dsa-3963
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3963
10
reference_url http://www.securityfocus.com/bid/100290
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100290
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1480330
reference_id 1480330
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1480330
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871709
reference_id 871709
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871709
13
reference_url https://security.archlinux.org/ASA-201708-7
reference_id ASA-201708-7
reference_type
scores
url https://security.archlinux.org/ASA-201708-7
14
reference_url https://security.archlinux.org/AVG-378
reference_id AVG-378
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-378
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000115
reference_id CVE-2017-1000115
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000115
16
reference_url https://github.com/advisories/GHSA-hvr9-wr9p-grgr
reference_id GHSA-hvr9-wr9p-grgr
reference_type
scores
url https://github.com/advisories/GHSA-hvr9-wr9p-grgr
fixed_packages
0
url pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4
purl pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.1.2-2%252Bdeb8u4
1
url pkg:deb/debian/mercurial@4.0-1%2Bdeb9u1
purl pkg:deb/debian/mercurial@4.0-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@4.0-1%252Bdeb9u1
2
url pkg:deb/debian/mercurial@4.8.2-1%2Bdeb10u1
purl pkg:deb/debian/mercurial@4.8.2-1%2Bdeb10u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@4.8.2-1%252Bdeb10u1
aliases CVE-2017-1000115, GHSA-hvr9-wr9p-grgr, PYSEC-2017-88
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-71pc-96mg-ufbt
3
url VCID-dybb-af3z-zbce
vulnerability_id VCID-dybb-af3z-zbce
summary Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html
6
reference_url http://rhn.redhat.com/errata/RHSA-2016-0706.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2016-0706.html
7
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3068.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3068.json
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3068
reference_id
reference_type
scores
0
value 0.05001
scoring_system epss
scoring_elements 0.89884
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3068
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2016-26.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2016-26.yaml
13
reference_url https://security.gentoo.org/glsa/201612-19
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-19
14
reference_url https://selenic.com/repo/hg-stable/rev/34d43cb85de8
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/34d43cb85de8
15
reference_url https://web.archive.org/web/20200228003737/http://www.securityfocus.com/bid/85733
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228003737/http://www.securityfocus.com/bid/85733
16
reference_url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
17
reference_url http://www.debian.org/security/2016/dsa-3542
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3542
18
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
19
reference_url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
20
reference_url http://www.securityfocus.com/bid/85733
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/85733
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1319768
reference_id 1319768
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1319768
22
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819504
reference_id 819504
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819504
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3068
reference_id CVE-2016-3068
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3068
24
reference_url https://github.com/advisories/GHSA-j7c2-rqm3-c97m
reference_id GHSA-j7c2-rqm3-c97m
reference_type
scores
url https://github.com/advisories/GHSA-j7c2-rqm3-c97m
25
reference_url https://access.redhat.com/errata/RHSA-2016:0706
reference_id RHSA-2016:0706
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:0706
fixed_packages
0
url pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
purl pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-dybb-af3z-zbce
2
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@2.2.2-4%252Bdeb7u2
1
url pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4
purl pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.1.2-2%252Bdeb8u4
aliases CVE-2016-3068, GHSA-j7c2-rqm3-c97m, PYSEC-2016-26
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dybb-af3z-zbce
4
url VCID-n9rd-9dpp-t3cc
vulnerability_id VCID-n9rd-9dpp-t3cc
summary The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181505.html
1
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.fedoraproject.org/pipermail/package-announce/2016-April/181542.html
2
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00016.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00017.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00018.html
5
reference_url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00043.html
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3630.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-3630.json
7
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-3630
reference_id
reference_type
scores
0
value 0.05192
scoring_system epss
scoring_elements 0.9009
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-3630
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3068
9
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3069
10
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3630
11
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2016-29.yaml
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2016-29.yaml
12
reference_url https://security.gentoo.org/glsa/201612-19
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201612-19
13
reference_url https://selenic.com/repo/hg-stable/rev/b6ed2505d6cf
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/b6ed2505d6cf
14
reference_url https://selenic.com/repo/hg-stable/rev/b9714d958e89
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://selenic.com/repo/hg-stable/rev/b9714d958e89
15
reference_url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_3.7.3_.282016-3-29.29
16
reference_url http://www.debian.org/security/2016/dsa-3542
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2016/dsa-3542
17
reference_url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
reference_id
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1322264
reference_id 1322264
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1322264
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819504
reference_id 819504
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=819504
20
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-3630
reference_id CVE-2016-3630
reference_type
scores
0
value 8.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
1
value 8.7
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-3630
21
reference_url https://github.com/advisories/GHSA-9vjf-jjcq-3gh7
reference_id GHSA-9vjf-jjcq-3gh7
reference_type
scores
url https://github.com/advisories/GHSA-9vjf-jjcq-3gh7
fixed_packages
0
url pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
purl pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-dybb-af3z-zbce
2
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@2.2.2-4%252Bdeb7u2
aliases CVE-2016-3630, GHSA-9vjf-jjcq-3gh7, PYSEC-2016-29
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-n9rd-9dpp-t3cc
5
url VCID-utkv-unr7-c3dq
vulnerability_id VCID-utkv-unr7-c3dq
summary multiple issues
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2489
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2489
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000116.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-1000116.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-1000116
reference_id
reference_type
scores
0
value 0.04585
scoring_system epss
scoring_elements 0.8941
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-1000116
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000115
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000116
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2017-89.yaml
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/mercurial/PYSEC-2017-89.yaml
6
reference_url https://security.gentoo.org/glsa/201709-18
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.gentoo.org/glsa/201709-18
7
reference_url https://web.archive.org/web/20200227155758/http://www.securityfocus.com/bid/100290
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227155758/http://www.securityfocus.com/bid/100290
8
reference_url https://wiki.mercurial-scm.org/WhatsNew/Archive
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://wiki.mercurial-scm.org/WhatsNew/Archive
9
reference_url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3_.2F_4.3.1_.282017-08-10.29
10
reference_url http://www.debian.org/security/2017/dsa-3963
reference_id
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.debian.org/security/2017/dsa-3963
11
reference_url http://www.securityfocus.com/bid/100290
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100290
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1479915
reference_id 1479915
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1479915
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871710
reference_id 871710
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871710
14
reference_url https://security.archlinux.org/ASA-201708-7
reference_id ASA-201708-7
reference_type
scores
url https://security.archlinux.org/ASA-201708-7
15
reference_url https://security.archlinux.org/AVG-378
reference_id AVG-378
reference_type
scores
0
value Critical
scoring_system archlinux
scoring_elements
url https://security.archlinux.org/AVG-378
16
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-1000116
reference_id CVE-2017-1000116
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value 9.3
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
2
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-1000116
17
reference_url https://github.com/advisories/GHSA-3qmg-c9vc-r47j
reference_id GHSA-3qmg-c9vc-r47j
reference_type
scores
url https://github.com/advisories/GHSA-3qmg-c9vc-r47j
fixed_packages
0
url pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4
purl pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.1.2-2%252Bdeb8u4
1
url pkg:deb/debian/mercurial@4.0-1%2Bdeb9u1
purl pkg:deb/debian/mercurial@4.0-1%2Bdeb9u1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-71pc-96mg-ufbt
1
vulnerability VCID-utkv-unr7-c3dq
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@4.0-1%252Bdeb9u1
2
url pkg:deb/debian/mercurial@4.8.2-1%2Bdeb10u1
purl pkg:deb/debian/mercurial@4.8.2-1%2Bdeb10u1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@4.8.2-1%252Bdeb10u1
aliases CVE-2017-1000116, GHSA-3qmg-c9vc-r47j, PYSEC-2017-89
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-utkv-unr7-c3dq
Fixing_vulnerabilities
Risk_score4.5
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@1.6.4-1%252Bdeb6u1