CVE-2010-2246

EPSS 4.8%

Published: 5/26/2011Modified: 4/28/2026

Also known as:DEBIAN-CVE-2010-2246

Description

feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute arbitrary commands via shell metacharacters in a URL.

Affected packages (1)

Debian/fehfrom 0, < 1.8-1

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2010-2246