Vulnerabilities > Lynx Project

DATE	CVE	VULNERABILITY TITLE	RISK
2021-08-07	CVE-2021-38165	Insufficiently Protected Credentials vulnerability in multiple products Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. network high complexity lynx-project debian fedoraproject CWE-522	5.3
2018-01-10	CVE-2014-5002	Credentials Management vulnerability in Lynx Project Lynx The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes. local low complexity lynx-project CWE-255	2.1
2017-11-17	CVE-2017-1000211	Use After Free vulnerability in Lynx Project Lynx 2.8.9 Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself. network low complexity lynx-project CWE-416	5.0
1999-11-16	CVE-1999-1549	Origin Validation Error vulnerability in Lynx Project Lynx 2.7/2.8 Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. local low complexity lynx-project CWE-346	7.8

Vulnerabilities > Lynx Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Lynx Project"}]}