Lucene search
CVE-2017-18266
The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL
Show more
| Reporter | Title | Published | Views | Family All 40 |
|---|---|---|---|---|
 | CVE-2017-18266 | 10 May 201814:29 | – | osv |
| xdg-utils - security update | 25 May 201800:00 | – | osv |
| xdg-utils - security update | 25 May 201800:00 | – | osv |
| OPENSUSE-SU-2024:11518-1 xdg-utils-1.1.3+20201113-1.2 on GA media | 15 Jun 202400:00 | – | osv |
 | EulerOS 2.0 SP3 : xdg-utils (EulerOS-SA-2021-1861) | 30 Apr 202100:00 | – | nessus |
| Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : xdg-utils vulnerability (USN-3650-1) | 23 May 201800:00 | – | nessus |
| Debian DLA-1384-1 : xdg-utils security update | 29 May 201800:00 | – | nessus |
| Fedora 28 : xdg-utils (2018-efd98d9a58) | 3 Jan 201900:00 | – | nessus |
| Debian DSA-4211-1 : xdg-utils - security update | 29 May 201800:00 | – | nessus |
| openSUSE Security Update : xdg-utils (openSUSE-2019-420) | 27 Mar 201900:00 | – | nessus |
10
Node
Node
Node
OROROR
Transform Your Security Services
Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.
Book a live demo10 May 2018 14:29Current
8.2High risk
Vulners AI Score8.2
CVSS26.8
CVSS38.8
EPSS0.01377