2017-10-04 01:00:00
mitre
PUBLISHED
Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.