Description

dye is a portable and respectful color library for shell scripts. Prior to 1.1.1, certain dye template expressions would result in execution of arbitrary code. This issue was discovered and fixed by dye's author, and is not known to be exploited. This vulnerability is fixed in 1.1.1.

INFO

Published Date :

2026-04-06T19:39:23.095Z

Last Modified :

2026-04-06T19:39:23.095Z

Source :

GitHub_M
AFFECTED PRODUCTS

The following products are affected by CVE-2026-35197 vulnerability.

Vendors Products
Mattieb
  • Dye
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-35197.

URL Resource
https://github.com/mattieb/dye/security/advisories/GHSA-3v4r-5vfh-3wjr cve-icon cve-icon
https://mattiebee.io/dye-template-advisory cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact