Vulnerabilities > Lynx Project > Lynx > 0.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-08-07 | CVE-2021-38165 | Insufficiently Protected Credentials vulnerability in multiple products Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. | 5.3 |
| 2018-01-10 | CVE-2014-5002 | Credentials Management vulnerability in Lynx Project Lynx The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes. | 2.1 |