Unrated severityNVD Advisory· Published May 26, 2011· Updated Apr 29, 2026
CVE-2010-2246
CVE-2010-2246
Description
feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.
Affected products
23cpe:2.3:a:feh_project:feh:*:*:*:*:*:*:*:*+ 22 more
- cpe:2.3:a:feh_project:feh:*:*:*:*:*:*:*:*range: <=1.7
- cpe:2.3:a:feh_project:feh:0.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:0.6.4:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:0.7.0:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:0.9.9:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.2.5:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.2.6:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.2.7:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.5:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.6:*:*:*:*:*:*:*
- cpe:2.3:a:feh_project:feh:1.6.1:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
4News mentions
0No linked articles in our index yet.