2 matches found
Astra Linux – Vulnerability in pyxdg
A code injection issue was discovered in PyXDG before version 0.26, through crafted Python code within a Category element of a Menu XML document in a .menu file. The XDGCONFIGDIRS must be set up to trigger the xdg.Menu.parse parsing within the directory containing this file. This issue occurred d...
UBUNTU-CVE-2019-12761
A code injection issue was discovered in PyXDG before 0.26 via crafted Python code in a Category element of a Menu XML document in a .menu file. XDGCONFIGDIRS must be set up to trigger xdg.Menu.parse parsing within the directory containing this file. This is due to a lack of sanitization in...