MiracleLinux 8 : lynx-2.8.9-4.el8.ML.2 (AXSA:2022-3339:02)

The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3339:02 advisory. lynx: Disclosure of HTTP authentication credentials via SNI data CVE-2021-38165 Tenable has extracted the preceding description block directly from the...

CentOS 9 : lynx-2.8.9-18.el9

The remote CentOS Linux 9 host has a package installed that is affected by a vulnerability as referenced in the lynx-2.8.9-18.el9 build changelog. - Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may...

Medium: lynx

Issue Overview: Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. CVE-2021-38165 Affected Packages: lynx Issue Correction: Run dnf update lynx --releasever 2023.3.20240219 or dnf...

Medium: lynx

Issue Overview: Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. CVE-2021-38165 Affected Packages: lynx Issue Correction: Run dnf update lynx --releasever 2023.3.20240219 to updat...

SUSE CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

RHEL 8 : lynx (RHSA-2022:2129)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2022:2129 advisory. Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. Security Fixes: lyn...

Moderate: Red Hat Security Advisory: lynx security update

An update for lynx is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the C...

Moderate: lynx security update

Lynx is a text-based Web browser. Lynx does not display any images, but it does support frames, tables, and most other HTML tags. Security Fixes: lynx: Disclosure of HTTP authentication credentials via SNI data CVE-2021-38165 For more details about the security issues, including the impact, a CVS...

MGASA-2021-0422 Updated lynx packages fix security vulnerability

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data. CVE-2021-38165...

[SECURITY] [DSA 4953-1] lynx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4953-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 10, 2021 https://www.debian.org/security/faq -...

[SECURITY] [DSA 4953-1] lynx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4953-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 10, 2021 https://www.debian.org/security/faq -...

Debian DLA-2736-1 : lynx - LTS security update

The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-2736 advisory. - Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

Design/Logic Flaw

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

CVE-2021-38165

CVE-2021-38165 affects Lynx up to version 2.8.9. HTParse mishandles the URI userinfo subcomponent, risking disclosure of cleartext credentials that may appear in SNI data or HTTP headers. A remote attacker could retrieve credentials during TLS/HTTPS connections. Public advisories in multiple dist...

CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...

CVE-2021-38165

Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data...