Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.
{ "availability": "No subscription required", "binaries": [ { "binary_name": "xdg-utils", "binary_version": "1.1.0~rc1-2ubuntu7.1" } ] }