Unity Linux 20.1060e / 20.1070e Security Update: lynx (UTSA-2026-016667)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-016667 advisory. Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

Astra Linux - уязвимость в lynx

Lynx versions up to 2.8.9 mishandled the userinfo subcomponent of a URI, allowing remote attackers to discover cleartext credentials, as these credentials might appear in SNI data...

ROS-20260209-73-0003

A vulnerability in the userinfo subcomponent of the Lynx text-based web browser is related to SNI credential disclosure. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to sensitive data...

lynx: Disclosure of HTTP authentication credentials via SNI data

A flaw was found in the way lynx parsed URLs with userinfo part containing authentication credentials. These credentials were included in the Server Name Indication SNI TLS extension data and sent unencrypted during the TLS connection handshake. This could lead to exposure of authentication...

ALSA-2022:2129 Moderate: lynx security update

Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. Security Fixes: lynx: Disclosure of HTTP authentication credentials via SNI data CVE-2021-38165 For more details about the security issues, including the impact, a CVS...

The vulnerability of the userinfo sub-component in the Lynx text-based web browser lies in the insufficient protection of registration data, allowing attackers to access confidential information.

The vulnerability of the userinfo sub-component in the Lynx text-based web browser is related to the disclosure of credentials via SNI. Exploiting this vulnerability could allow an attacker, operating remotely, to gain access to confidential data...

OESA-2021-1326 lynx security update

Lynx is a fully-featured World Wide Web WWW client for users running cursor-addressable, character-cell display devices such as vt100 terminals, vt100 emulators running on Windows 95/NT or Macintoshes, or any other character-cell display. It will display Hypertext Markup Language HTML documents...

[SECURITY] [DSA 4953-1] lynx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4953-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 10, 2021 https://www.debian.org/security/faq -...

Vulnerability fixed in Lynx

A vulnerability has been fixed in Lynx. A malicious person at remote can exploit the vulnerability to obtain login credentials sent over HTTPS via Lynx to a server. transmitted. To do this, the malicious party must have access to network traffic between the victim and the server. It is not...

[SECURITY] [DLA 2736-1] lynx security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-2736-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 09, 2021 https://wiki.debian.org/LTS -...

DEBIAN-CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

UBUNTU-CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

Lynx URL Redirection Vulnerability

Lynx is a text-only web browser. Lynx has a redirection vulnerability that can be exploited to construct malicious URIs, trick users into parsing them, and redirect them to arbitrary web sites for phishing attacks...

CentOS Update for lynx CESA-2008:0965-01 centos2 i386

Check for the Version of lynx OpenVAS Vulnerability Test CentOS Update for lynx CESA-2008:0965-01 centos2 i386 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it unde...

Fedora Update for lynx FEDORA-2008-9952

Check for the Version of lynx OpenVAS Vulnerability Test Fedora Update for lynx FEDORA-2008-9952 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms of...

Баг в модуле CMS DataLife Engine

Я нашел баг в модуле "ОНЛАЙН СТАТУСА" CMS DataLife Engine. Если зайти на сайт под зарегистрированным пользователем используя браузер Lynx движок сайта перестает нормально работать и выдает только одну строку "Fatal error: Using $this when not in object context in...

CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service infinite loop via a web page or HTML email that contains invalid HTML including 1 a TEXTAREA tag with a large COLS value and 2 a large tag name in an element that is not terminated, as demonstrated ...

DEBIAN-CVE-2004-1617

Lynx, lynx-ssl, and lynx-cur before 2.8.6dev.8 allow remote attackers to cause a denial of service infinite loop via a web page or HTML email that contains invalid HTML including 1 a TEXTAREA tag with a large COLS value and 2 a large tag name in an element that is not terminated, as demonstrated ...

DEBIAN-CVE-2002-1405

CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters...