4.3 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:M/Au:N/C:P/I:N/A:N
5.8 Medium
AI Score
Confidence
Low
0.01 Low
EPSS
Percentile
83.7%
Kalle Olavi Niemitalo discovered that if elinks makes a POST request
to an HTTPS URL through a proxy, information may be sent in clear-text
between elinks and the proxy. Attackers with access to the network
could steal sensitive information (such as passwords).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 7.04 | noarch | elinks | < 0.11.1-1.2ubuntu2.2 | UNKNOWN |
Ubuntu | 7.04 | noarch | elinks-lite | < 0.11.1-1.2ubuntu2.2 | UNKNOWN |
Ubuntu | 6.10 | noarch | elinks | < 0.11.1-1ubuntu2.2 | UNKNOWN |
Ubuntu | 6.10 | noarch | elinks-lite | < 0.11.1-1ubuntu2.2 | UNKNOWN |
Ubuntu | 6.06 | noarch | elinks | < 0.10.6-1ubuntu3.2 | UNKNOWN |
Ubuntu | 6.06 | noarch | elinks-lite | < 0.10.6-1ubuntu3.2 | UNKNOWN |