CVE-2018-13348

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
Configurations

Configuration 1 (hide)

cpe:2.3:a:mercurial:mercurial:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-07-06 00:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-13348

Mitre link : CVE-2018-13348

CVE.ORG link : CVE-2018-13348


JSON object : View

Products Affected

mercurial

  • mercurial
CWE
CWE-20

Improper Input Validation