VYPR

Xdg Utils

by File Project

CVEs (2)

  • CVE-2014-9622Jan 21, 2015
    risk 0.00cvss epss 0.03

    Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.

  • CVE-2008-0386Feb 4, 2008
    risk 0.00cvss epss 0.03

    Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.