VDB

GCVE-110-MAGEIA-2026-116

GCVE-110-MAGEIA-2026-116
Advisory Published
Vulnetix · Advisory published May 7, 2026
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory. (CVE-2026-41082)

Affected Products

VendorProductVersionsPlatforms
Mageiaopam0 (affected), 2.1.3-1.1.mga9 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›