« List of all CVEs

CVE-2018-13348

Published: 7/6/2018 Last updated: 8/5/2024 Reserved: 7/5/2018

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (1)

conf-hg

Products affected (1)

Product Vendor Version
n/a n/a < V4.2

References (6)