| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-13348 | 5.0 |
The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
|
31-07-2020 - 13:15 | 06-07-2018 - 00:29 | |
| CVE-2018-13347 | 7.5 |
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
|
31-07-2020 - 13:15 | 06-07-2018 - 00:29 | |
| CVE-2018-13346 | 5.0 |
The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004.
|
31-07-2020 - 13:15 | 06-07-2018 - 00:29 |