VulnerableCode Package Details - pkg:deb/debian/mercurial@5.6.1-4

Search for packages

Vulnerability	Summary	Fixed by
VCID-d2sb-fpzt-3fbm Aliases: CVE-2025-2361	A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument cmd leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.	6.3.2-1+deb12u1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-d2sb-fpzt-3fbm
Aliases:
CVE-2025-2361

A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument cmd leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

6.3.2-1+deb12u1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
VCID-z346-9s62-afaz	A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.	CVE-2019-3902 GHSA-mq66-vcfc-8246 PYSEC-2019-188

Vulnerability

Summary

Aliases

VCID-z346-9s62-afaz

A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.

CVE-2019-3902
GHSA-mq66-vcfc-8246
PYSEC-2019-188

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-15T20:08:47.195569+00:00	Debian Oval Importer	Affected by	VCID-d2sb-fpzt-3fbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-15T16:06:19.036839+00:00	Debian Oval Importer	Fixing	VCID-z346-9s62-afaz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.4.0
2026-04-11T19:50:29.260605+00:00	Debian Oval Importer	Affected by	VCID-d2sb-fpzt-3fbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-11T15:53:51.019814+00:00	Debian Oval Importer	Fixing	VCID-z346-9s62-afaz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.3.0
2026-04-08T19:32:55.452885+00:00	Debian Oval Importer	Affected by	VCID-d2sb-fpzt-3fbm	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0
2026-04-08T15:47:08.185420+00:00	Debian Oval Importer	Fixing	VCID-z346-9s62-afaz	https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2	38.1.0