VYPR

rpm package

suse/lynx&distro=SUSE Linux Enterprise Software Development Kit 11 SP4

pkg:rpm/suse/lynx&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4

Vulnerabilities (2)

  • CVE-2017-1000211MedNov 17, 2017
    affected < 2.8.6-146.3.1fixed 2.8.6-146.3.1

    Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.

  • CVE-2016-9179HigDec 22, 2016
    affected < 2.8.6-145.1fixed 2.8.6-145.1

    lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.