0.014 Low
EPSS
Percentile
86.2%
Mercurial is vulnerable to files outside of the repository being overwritten. This is because the symlink auditing isn’t complete which allows attackers to write files outside of the repository.
www.mercurial-scm.org/repo/hg-stable/rev/0b3fe3910ef5
www.mercurial-scm.org/repo/hg-stable/rev/3fee7f7d2da0
www.mercurial-scm.org/wiki/WhatsNew#Mercurial_4.3.1