Gentoo Xdg-Utils vulnerabilities

CVE-2014-9622 [MEDIUM] CWE-77 CVE-2014-9622: Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identi Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is identified, allows context-dependent attackers to execute arbitrary code via the URL argument to xdg-open.

CVE-2008-0386 [MEDIUM] CWE-20 CVE-2008-0386: Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via Xdg-utils 1.0.2 and earlier allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a URL argument to (1) xdg-open or (2) xdg-email.