Vulnerability Instance
Lookup for vulnerabilities affecting packages.
GET /api/vulnerabilities/96557?format=api
{ "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96557?format=api", "vulnerability_id": "VCID-d2sb-fpzt-3fbm", "summary": "A vulnerability was found in Mercurial SCM 4.5.3/71.19.145.211. It has been declared as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation of the argument cmd leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.", "aliases": [ { "alias": "CVE-2025-2361" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/564957?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=aarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=aarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564959?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armv7&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armv7&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564960?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=loongarch64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=loongarch64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564961?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=ppc64le&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=ppc64le&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564962?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=riscv64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=riscv64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564963?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=s390x&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=s390x&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564964?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564965?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86_64&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86_64&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567841?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armhf&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armhf&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567842?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armv7&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armv7&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567843?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=loongarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=loongarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567844?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=ppc64le&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=ppc64le&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567845?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=riscv64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=riscv64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567847?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567848?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86_64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86_64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974061?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armhf&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armhf&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974062?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armv7&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armv7&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974064?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=ppc64le&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=ppc64le&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974065?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=riscv64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=riscv64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974067?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974068?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86_64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86_64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003289?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=aarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=aarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003290?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armhf&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armhf&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003291?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armv7&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armv7&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003292?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=loongarch64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=loongarch64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003293?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=ppc64le&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=ppc64le&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003294?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=riscv64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=riscv64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003296?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003297?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=x86_64&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=x86_64&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/564958?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=armhf&distroversion=v3.22&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=armhf&distroversion=v3.22&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567840?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=aarch64&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=aarch64&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/567846?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=s390x&distroversion=edge&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=s390x&distroversion=edge&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974060?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=aarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=aarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974063?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=loongarch64&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=loongarch64&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/974066?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=s390x&distroversion=v3.23&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=s390x&distroversion=v3.23&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/1003295?format=api", "purl": "pkg:apk/alpine/mercurial@6.9.4-r0?arch=s390x&distroversion=v3.21&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/mercurial@6.9.4-r0%3Farch=s390x&distroversion=v3.21&reponame=community" }, { "url": "http://public2.vulnerablecode.io/api/packages/930739?format=api", "purl": "pkg:deb/debian/mercurial@5.6.1-4?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@5.6.1-4%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930755?format=api", "purl": "pkg:deb/debian/mercurial@5.6.1-4%2Bdeb11u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@5.6.1-4%252Bdeb11u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930737?format=api", "purl": "pkg:deb/debian/mercurial@6.3.2-1%2Bdeb12u1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@6.3.2-1%252Bdeb12u1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1056445?format=api", "purl": "pkg:deb/debian/mercurial@6.3.2-1%2Bdeb12u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@6.3.2-1%252Bdeb12u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/930756?format=api", "purl": "pkg:deb/debian/mercurial@6.9.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@6.9.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930742?format=api", "purl": "pkg:deb/debian/mercurial@7.0.1-2?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@7.0.1-2%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930740?format=api", "purl": "pkg:deb/debian/mercurial@7.1.1-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@7.1.1-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/930741?format=api", "purl": "pkg:deb/debian/mercurial@7.2-5?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@7.2-5%3Fdistro=trixie" } ], "affected_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/571571?format=api", "purl": "pkg:deb/debian/mercurial@0.9.1-1%2Betch1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-1yyr-7yb1-2ue6" }, { "vulnerability": "VCID-4e9f-mexc-jfgm" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-673d-uck5-tbb7" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-j1c4-rux6-wygr" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@0.9.1-1%252Betch1" }, { "url": "http://public2.vulnerablecode.io/api/packages/571572?format=api", "purl": "pkg:deb/debian/mercurial@1.0.1-5.1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-673d-uck5-tbb7" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-j1c4-rux6-wygr" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@1.0.1-5.1" }, { "url": "http://public2.vulnerablecode.io/api/packages/571573?format=api", "purl": "pkg:deb/debian/mercurial@1.6.4-1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-j1c4-rux6-wygr" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@1.6.4-1" }, { "url": "http://public2.vulnerablecode.io/api/packages/571574?format=api", "purl": "pkg:deb/debian/mercurial@1.6.4-1%2Bdeb6u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-j1c4-rux6-wygr" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@1.6.4-1%252Bdeb6u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/571575?format=api", "purl": "pkg:deb/debian/mercurial@2.2.2-4%2Bdeb7u2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-j1c4-rux6-wygr" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@2.2.2-4%252Bdeb7u2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036072?format=api", "purl": "pkg:deb/debian/mercurial@3.1.2-1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-j1c4-rux6-wygr" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.1.2-1~bpo70%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036073?format=api", "purl": "pkg:deb/debian/mercurial@3.1.2-2", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.1.2-2" }, { "url": "http://public2.vulnerablecode.io/api/packages/1036074?format=api", "purl": "pkg:deb/debian/mercurial@3.1.2-2%2Bdeb8u4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-5e12-c4fx-rfa3" }, { "vulnerability": "VCID-6jye-8j2x-2bgp" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-qs77-k84k-qfam" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-tks6-8etr-mkf1" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" }, { "vulnerability": "VCID-znz1-y81d-zfff" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.1.2-2%252Bdeb8u4" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037341?format=api", "purl": "pkg:deb/debian/mercurial@3.9.1-1~bpo8%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@3.9.1-1~bpo8%252B1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1037342?format=api", "purl": "pkg:deb/debian/mercurial@4.0-1%2Bdeb9u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1kmd-1kun-qbdd" }, { "vulnerability": "VCID-7vwz-hbq8-c7dr" }, { "vulnerability": "VCID-bahp-n5dx-2qeg" }, { "vulnerability": "VCID-ck6k-4bcg-6faq" }, { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-hhwu-knps-qqfw" }, { "vulnerability": "VCID-nruh-my9y-jqfj" }, { "vulnerability": "VCID-t9gd-va4q-a3ga" }, { "vulnerability": "VCID-v91s-ety2-x7au" }, { "vulnerability": "VCID-z346-9s62-afaz" }, { "vulnerability": "VCID-z59g-jz53-cudb" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@4.0-1%252Bdeb9u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1049717?format=api", "purl": "pkg:deb/debian/mercurial@4.8.2-1%2Bdeb10u1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d2sb-fpzt-3fbm" }, { "vulnerability": "VCID-z346-9s62-afaz" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@4.8.2-1%252Bdeb10u1" }, { "url": "http://public2.vulnerablecode.io/api/packages/1051164?format=api", "purl": "pkg:deb/debian/mercurial@5.6.1-4", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-d2sb-fpzt-3fbm" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/mercurial@5.6.1-4" } ], "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2361", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43672", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43647", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.4362", "published_at": "2026-04-21T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43686", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43696", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43635", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43652", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43683", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43663", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43659", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00211", "scoring_system": "epss", "scoring_elements": "0.43608", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44521", "published_at": "2026-05-14T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44596", "published_at": "2026-04-26T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44515", "published_at": "2026-04-29T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44395", "published_at": "2026-05-05T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44466", "published_at": "2026-05-07T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44483", "published_at": "2026-05-09T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44419", "published_at": "2026-05-11T12:55:00Z" }, { "value": "0.00221", "scoring_system": "epss", "scoring_elements": "0.44452", "published_at": "2026-05-12T12:55:00Z" }, { "value": "0.00279", "scoring_system": "epss", "scoring_elements": "0.51311", "published_at": "2026-04-24T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2361" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2361", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-2361" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100899", "reference_id": "1100899", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1100899" }, { "reference_url": "https://vuldb.com/?ctiid.299860", "reference_id": "?ctiid.299860", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-17T13:02:17Z/" } ], "url": "https://vuldb.com/?ctiid.299860" }, { "reference_url": "https://vuldb.com/?id.299860", "reference_id": "?id.299860", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-17T13:02:17Z/" } ], "url": "https://vuldb.com/?id.299860" }, { "reference_url": "https://vuldb.com/?submit.514024", "reference_id": "?submit.514024", "reference_type": "", "scores": [ { "value": "5", "scoring_system": "cvssv2", "scoring_elements": "AV:N/AC:L/Au:N/C:N/I:P/A:N" }, { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" }, { "value": "5.3", "scoring_system": "cvssv4", "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-17T13:02:17Z/" } ], "url": "https://vuldb.com/?submit.514024" } ], "weaknesses": [ { "cwe_id": 79, "name": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "description": "The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users." }, { "cwe_id": 94, "name": "Improper Control of Generation of Code ('Code Injection')", "description": "The product constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment." } ], "exploits": [], "severity_range_score": "4.3 - 7.1", "exploitability": "0.5", "weighted_severity": "4.8", "risk_score": 2.4, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-d2sb-fpzt-3fbm" }