CVE-2021-41146: Improper Neutralization of Special Elements used in a Command ('Command Injection')
(updated )
qutebrowser is an open source keyboard-focused browser with a minimal GUI. The fix also adds additional hardening for potential similar issues on Linux (by adding the new –untrusted-args flag to the .desktop file), though no such vulnerabilities are known.
References
Detect and mitigate CVE-2021-41146 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →