Linux Distros Unpatched Vulnerability : CVE-2017-17522

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allo...

The vulnerability of the Lib/webbrowser.py component in the Python programming language allows a perpetrator to access confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Lib/webbrowser.py component of the Python interpreter is related to insufficient neutralization of special elements in requests. Exploiting this vulnerability can allow an attacker to gain access to confidential data, compromise its integrity, and cause service failures...

CVE-2017-17522

...

AZL-6823 CVE-2017-17522 affecting package python2 for versions less than 2.7.18-8

Lib/webbrowser.py in Python through 3.6.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. NOTE: a software maintainer indicates that exploitation is...