tinyfiledialogs (aka tiny file dialogs) prior to 3.15.0 allows shell metacharacters (such as a backquote or a dollar sign) in titles, messages, and other input data. NOTE: this issue exists because of an incomplete fix for CVE-2020-36767, which only considered single and double quote characters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
vareille tiny_file_dialogs |