It was discovered that the wordexp() function of tinygltf, a library to load/save glTF (GL Transmission Format) files was susceptible to command execution when processing untrusted files.
This article has been indexed from LinuxSecurity.com – Hybrid RSS
Read the original article: