CVE-2018-13348

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.

Published: Jul 6, 2018
Updated: Apr 13, 2023
CVE: CVE-2018-13348
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:P/A:N

CWEs:

CWE-20

Affected Software
References

Software	From	Fixed in
mercurial / mercurial	-	4.6.1

https://lists.debian.org/debian-lts-announce/2020/07/msg00032.html
https://www.mercurial-scm.org/repo/hg/rev/90a274965de7
https://www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.6.1_.282018-06-06.29

Vulnerability Database

289,697

CVE-2018-13348