Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:DLA-217-1
HistoryMay 01, 2015 - 12:00 a.m.

xdg-utils - security update

2015-05-0100:00:00
Google
osv.dev
6

0.01 Low

EPSS

Percentile

83.9%

JSON

The two below CVE issues have recently been fixed in Debian squeeze-lts:

  • CVE-2014-9622
    John Houwer discovered a way to cause xdg-open, a tool that automatically
    opens URLs in a user’s preferred application, to execute arbitrary
    commands remotely.
  • CVE-2015-1877
    Jiri Horner discovered a way to cause xdg-open, a tool that automatically
    opens URLs in a user’s preferred application, to execute arbitrary
    commands remotely.

This problem only affects /bin/sh implementations that don’t sanitize
local variables. Dash, which is the default /bin/sh in Debian is
affected. Bash as /bin/sh is known to be unaffected.

CPENameOperatorVersion
xdg-utilseq1.0.2+cvs20100307-2

Related

securityvulns 3
openvas 7
debian 5
cve 2
nessus 4
osv 1
prion 2
nvd 2
mageia 1
cvelist 2
gentoo 1
debiancve 2
ubuntucve 2
rosalinux 1
securityvulns
securityvulns
xdg-open code execution
2015-03-08 00:00:00
[SECURITY] [DSA 3131-1] xdg-utils security update
2015-01-19 00:00:00
[SECURITY] [DSA 3165-1] xdg-utils security update
2015-03-08 00:00:00
openvas
openvas
Debian: Security Advisory (DLA-217-1)
2023-03-08 00:00:00
Debian Security Advisory DSA 3131-1 (xdg-utils - security update)
2015-01-18 00:00:00
Debian: Security Advisory (DSA-3131-1)
2015-01-17 00:00:00
debian
debian
[SECURITY] [DLA 217-1] xdg-utils security update
2015-05-01 09:32:20
[SECURITY] [DSA 3131-1] xdg-utils security update
2015-01-19 04:22:31
[SECURITY] [DSA 3131-1] xdg-utils security update
2015-01-19 04:22:31
cve
cve
CVE-2014-9622
2015-01-21 18:59:08
CVE-2015-1877
2021-06-02 17:15:08
nessus
nessus
Debian DSA-3131-1 : xdg-utils - security update
2015-01-20 00:00:00
openSUSE Security Update : xdg-utils (openSUSE-SU-2015:0191-1)
2015-02-03 00:00:00
GLSA-201701-09 : Xdg-Utils: Command injection
2017-01-03 00:00:00
osv
osv
xdg-utils - security update
2015-01-18 00:00:00
prion
prion
Design/Logic Flaw
2015-01-21 18:59:00
Design/Logic Flaw
2021-06-02 17:15:00
nvd
nvd
CVE-2014-9622
2015-01-21 18:59:08
CVE-2015-1877
2021-06-02 17:15:08
mageia
mageia
Updated xdg-utils packages fix CVE-2014-9622
2015-02-11 23:47:51
cvelist
cvelist
CVE-2014-9622
2015-01-21 18:00:00
CVE-2015-1877
2021-06-02 16:34:34
gentoo
gentoo
Xdg-Utils: Command injection
2017-01-01 00:00:00
debiancve
debiancve
CVE-2014-9622
2015-01-21 18:59:08
CVE-2015-1877
2021-06-02 17:15:08
ubuntucve
ubuntucve
CVE-2014-9622
2015-01-21 00:00:00
CVE-2015-1877
2021-06-02 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-2001
2021-07-02 18:21:18

0.01 Low

EPSS

Percentile

83.9%

JSON
Related for OSV:DLA-217-1
securityvulns3openvas7debian5cve2nessus4osv1prion2nvd2mageia1cvelist2gentoo1debiancve2ubuntucve2rosalinux1