VDB
GCVE-110-MAGEIA-2026-116
GCVE-110-MAGEIA-2026-116
Advisory Published
In OCaml opam before 2.5.1, a .install field containing a destination
filepath can use ../ to reach a parent directory. (CVE-2026-41082)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | opam | 0 (affected), 2.1.3-1.1.mga9 (unaffected) | — |
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.