View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2018-17983 severity moderate: SUSE including 13 source package names (mercurial, mercurial-4.5.2-3.6.1, …), 20 product×package rows across 16 product lines (SUSE Linux Enterprise Module for Basesystem 15 SP4, SUSE Linux Enterprise Module for Basesystem 15 SP5, … (16 product lines)): Fixed 18, Known Not Affected 2.
cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.