Hello MichaĆ, thanks for the bug report.
Canonical is a CNA that can assign CVEs, but we are limited in which
programs and which conditions we can assign numbers. For this issue,
please request a CVE from https://cveform.mitre.org/ .
Typically, command line parameters are assumed to be trusted in
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is availabl
