Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into exported executables.
{ "ubuntu_priority": "medium" }