Processed: tagging 1013129, found 1013129 in 4.16.3-1

Processing commands for cont...@bugs.debian.org: > tags 1013129 + upstream Bug #1013129 [src:exo] exo: CVE-2022-32278 Added tag(s) upstream. > found 1013129 4.16.3-1 Bug #1013129 [src:exo] exo: CVE-2022-32278 Marked as found in versions exo/4.16.3-1. > thanks Stopping processing here. Please cont

Bug#1013129: exo: CVE-2022-32278

Source: exo X-Debbugs-CC: t...@security.debian.org Severity: grave Tags: security Hi, The following vulnerability was published for exo. CVE-2022-32278[0]: | XFCE 4.16 allows attackers to execute arbitrary code because xdg-open | can execute a .desktop file on an attacker-controlled FTP server.