CNNVD-202506-2963 Information

CNNVD ID

CNNVD-202506-2963

Related CVE

CVE-2025-52968

• CNNVD Published: 2025-06-23

Description (Chinese)

xdg-utils是xdg组织的一个为桌面系统提供集成功能的软件。 xdg-utils 1.2.1及之前版本存在安全漏洞，该漏洞源于xdg-open可能发送包含SameSite=Strict cookie的请求，可能导致跨站请求伪造。

Description (English)

xdg-utils is a software that provides a successful set of capabilities for desktop systems organized by xdg. xdg-utils 1.2.1 and previous versions have a security loophole, which stems from the possibility of xdg-open sending a request containing SameSite =Stractcookie, which could lead to a cross-site request for forgery.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

xdg

Published

2025-06-23

Last Modified

2026-02-24

References

https://cgit.freedesktop.org/xdg/xdg-utils/tag/?h=v1.2.1 https://www.openwall.com/lists/oss-security/2025/06/23/1