GCVE - cpe:2.3:a:gentoo:xdg-utils:1.1.0:rc1:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:gentoo:xdg-utils:1.1.0:rc1:*:*:*:*:*:*

part: a version: 1.1.0 update: rc1

Vendor	Gentoo (`7fa277de-5a05-5db1-a5d1-2f4db074c494`)
Product	Xdg Utils (`e64457d3-cbe8-54b9-a32a-6a4750010ae1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:github/gentoo/gentoo`	purl2cpe	2026-06-01 10:12:48.635405

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2014-9622`	vulnerable	2026-06-03 14:34:27.462851	Details available Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open. Published: 2015-01-21T18:00:00.000Z Updated: 2024-08-06T13:47:41.849Z Open on db.gcve.eu Reference links https://bugs.freedesktop.org/show_bug.cgi?id=66670 https://bugs.gentoo.org/show_bug.cgi?id=472888 http://seclists.org/fulldisclosure/2014/Nov/36 http://www.openwall.com/lists/oss-security/2015/01/17/10 http://secunia.com/advisories/62155	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.