Unrated severityNVD Advisory· Published Aug 7, 2021· Updated Aug 4, 2024
CVE-2021-38165
CVE-2021-38165
Description
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Lynx/Lynxdescription
Patches
Vulnerability mechanics
References
13- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7YMUHFJJWTZ6HBHTYXVDPNZINGGURHDW/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K6PZF7JNTFCOJ62HXZG4Q2NEHSZ6IO2V/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VKNK7GQBJBUBMJVNKVC7RTCYWUYMFJQW/mitrevendor-advisoryx_refsource_FEDORA
- www.debian.org/security/2021/dsa-4953mitrevendor-advisoryx_refsource_DEBIAN
- www.openwall.com/lists/oss-security/2021/08/07/11mitremailing-listx_refsource_MLIST
- www.openwall.com/lists/oss-security/2021/08/07/12mitremailing-listx_refsource_MLIST
- www.openwall.com/lists/oss-security/2021/08/07/9mitremailing-listx_refsource_MLIST
- bugs.debian.org/991971mitrex_refsource_MISC
- github.com/w3c/libwww/blob/f010b4cc58d32f34b162f0084fe093f7097a61f0/Library/src/HTParse.cmitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2021/08/msg00010.htmlmitremailing-listx_refsource_MLIST
- lynx.invisible-island.net/current/CHANGES.htmlmitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2021/08/07/1mitrex_refsource_MISC
- www.openwall.com/lists/oss-security/2021/08/07/11mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.