High severity8.8NVD Advisory· Published Dec 14, 2017· Updated Jun 17, 2026
CVE-2017-17516
CVE-2017-17516
Description
scripts/inspect_webbrowser.py in Reddit Terminal Viewer (RTV) 1.19.0 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
rtvPyPI | <= 1.19.0 | — |
Affected products
2- cpe:2.3:a:reddit_terminal_viewer_project:reddit_terminal_viewer:1.19.0:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
4- github.com/advisories/GHSA-336h-q7mh-8vf8ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2017-17516ghsaADVISORY
- security-tracker.debian.org/tracker/CVE-2017-17516nvdIssue TrackingThird Party AdvisoryWEB
- github.com/michael-lazar/rtv/issues/531ghsaWEB
News mentions
0No linked articles in our index yet.