First published: Thu Oct 04 2018
`cext/manifest.c` in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Mercurial Mercurial | <4.7.2 | |
pip/mercurial | <4.7.2 | 4.7.2 |
debian/mercurial | 5.6.1-4, 6.3.2-1, 6.9-1 |
The vulnerability ID for the Mercurial out-of-bounds read vulnerability is CVE-2018-17983.
CVE-2018-17983 has a severity rating of 9.1, which is considered critical.
The affected software is Mercurial before version 4.7.2.
The CWE ID for this vulnerability is CWE-125.
To fix the Mercurial out-of-bounds read vulnerability, you should update to version 4.7.2 or later.