Lucene search
Veracode Vulnerability DatabaseVERACODE:20468HistoryJun 07, 2019 - 8:42 a.m.
Code Injection
2019-06-0708:42:04
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
EPSS
0.007
Percentile
80.1%
pyxdg is vulnerable to code injection. The vulnerability is due to lack of sanitization of xdg/Menu.py before an eval call, allowing an attacker to perform xdg.Menu.parse parsing within the directory containing this file by using a malicious python code via a Category element of a Menu XML document in a .menu file once XDG_CONFIG_DIR is configured.
Related
redhatcve
redhatcve
CVE-2019-12761
2019-06-07 09:20:51
nessus
nessus
RHEL 6 : pyxdg (Unpatched Vulnerability)
2024-05-11 00:00:00
RHEL 8 : pyxdg (Unpatched Vulnerability)
2024-06-03 00:00:00
Ubuntu 16.04 LTS / 18.04 LTS : PyXDG vulnerability (USN-4700-1)
2021-01-19 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:2997-1)
2022-09-05 00:00:00
Ubuntu: Security Advisory (USN-4700-1)
2021-01-20 00:00:00
Debian: Security Advisory (DLA-1819-1)
2019-06-17 00:00:00
osv
osv
pyxdg vulnerability
2021-01-19 14:29:18
PYSEC-2019-199
2019-06-06 19:29:00
pyxdg - security update
2021-08-03 00:00:00
github
github
Code Injection in PyXDG
2019-06-07 20:56:27
prion
prion
Code injection
2019-06-06 19:29:00
cvelist
cvelist
CVE-2019-12761
2019-06-06 18:55:27
ubuntu
ubuntu
PyXDG vulnerability
2021-01-19 00:00:00
ubuntucve
ubuntucve
CVE-2019-12761
2019-06-06 00:00:00
nvd
nvd
CVE-2019-12761
2019-06-06 19:29:00
debian
debian
[SECURITY] [DLA 1819-1] pyxdg security update
2019-06-16 10:51:18
[SECURITY] [DLA 2727-1] pyxdg security update
2021-08-03 12:50:42
debiancve
debiancve
CVE-2019-12761
2019-06-06 19:29:00
cve
cve
CVE-2019-12761
2019-06-06 19:29:00