10 matches found
CVE-2017-17522 affecting package python2 for versions less than 2.7.18-8
CVE-2017-17522 affecting package python2 for versions less than 2.7.18-8. A patched version of the package is available...
CVE-2017-17522 affecting package python2 2.7.18-14
CVE-2017-17522 affecting package python2 2.7.18-14. A patched version of the package is available...
CVE-2017-17522
DISPUTED Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that...
CVE-2017-17522
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...
CVE-2017-17522
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...
DEBIAN-CVE-2017-17522
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...
CVE-2017-17522
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...
CVE-2017-17522
CVE-2017-17522 affects Lib/webbrowser.py in Python up to 3.6.3, where strings are not validated before launching the program named in the BROWSER env var, potentially enabling argument-injection via a crafted URL. Nessus notes exploitation is considered impossible due to subprocess.Popen with she...
CVE-2017-17522
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...
CVE-2017-17522
Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...