Freedesktop xdg-utils 1.1.0 Release Candidate 1
Approved changes feed: RSS · Atom
cpe:2.3:a:freedesktop:xdg-utils:1.1.0:rc1:*:*:*:*:*:*
part: a version: 1.1.0 update: rc1
| Vendor | Freedesktop (2c544e5d-e68e-5b35-a616-dc08f0ba697e) |
|---|---|
| Product | Xdg Utils (b0f0a142-e000-5f3c-9544-5023431b8de4) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:deb/debian/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248202 |
pkg:deb/ubuntu/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248203 |
pkg:github/freedesktop/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248205 |
pkg:gitlab/redhat/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248206 |
pkg:rpm/centos/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248207 |
pkg:rpm/fedora/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248209 |
pkg:rpm/opensuse/xdg-utils |
purl2cpe | 2026-06-01 10:14:04.248210 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2015-1877 |
vulnerable | 2026-06-03 14:34:40.346598 |
Details available
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file.
Published: 2021-06-02T16:34:34.000Z
Updated: 2024-08-06T04:54:16.331Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.