Vulnerabilities > Nip2 Project

DATE CVE VULNERABILITY TITLE RISK
2017-12-14 CVE-2017-17514 Injection vulnerability in multiple products
boxes.c in nip2 8.4.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
network
low complexity
nip2-project debian CWE-74
8.8