CVE-2018-17983: Critical severity Mercurial vulnerability
Published Oct 4, 2018
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
Affected Software
3 affected components, fixes available
pip/mercurial<4.7.2
4.7.2
debian/mercurial
5.6.1-46.3.2-16.9-1
Mercurial Mercurial<4.7.2
Remediation
Patch Available
Event History
Oct 4, 2018
CVE Published (via MITRE, 11:00 PM)
Data Sourced (via MITRE, 11:00 PM): Description
May 14, 2022
Advisory Published (via GitHub, 01:49 AM)
Aug 8, 2024
Data Sourced (via Launchpad, 07:37 PM): Description
Sep 13, 2024
Data Sourced (via Ubuntu, 07:41 PM): Remedy, Description, Severity, Affected Software
Frequently Asked Questions
1. What is the vulnerability ID for the Mercurial out-of-bounds read vulnerability?
The vulnerability ID for the Mercurial out-of-bounds read vulnerability is CVE-2018-17983.
2. What is the severity rating of CVE-2018-17983?
CVE-2018-17983 has a severity rating of 9.1, which is considered critical.
3. What is the affected software?
The affected software is Mercurial before version 4.7.2.
4. What is the CWE ID for this vulnerability?
The CWE ID for this vulnerability is CWE-125.
5. How can I fix the Mercurial out-of-bounds read vulnerability?
To fix the Mercurial out-of-bounds read vulnerability, you should update to version 4.7.2 or later.