Search CVE reports
1 result
CVE-2022-3008
Medium prioritySome fixes available 1 of 4
The tinygltf library uses the C library function wordexp() to perform file path expansion on untrusted paths that are provided from the input file. This function allows for command injection by using backticks. An attacker could...
1 affected package
tinygltf
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| tinygltf | Not affected | Fixed | Not in release | Not in release | Ignored |