Search CVE reports
1 – 4 of 4 results
CVE-2016-9179
Low prioritySome fixes available 1 of 5
lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.
2 affected packages
lynx, lynx-cur
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lynx | — | Not affected | Not affected | Not affected | Fixed |
| lynx-cur | — | Not in release | Not in release | Not in release | Not in release |
CVE-2012-5821
Medium prioritySome fixes available 4 of 6
Lynx does not verify that the server's certificate is signed by a trusted certification authority, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate, related to improper use of a...
2 affected packages
lynx, lynx-cur
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lynx | — | — | — | — | — |
| lynx-cur | — | — | — | — | — |
CVE-2010-2810
Low prioritySome fixes available 1 of 6
Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c in Lynx 2.8.8dev.1 through 2.8.8dev.4 allows remote attackers to cause a denial of service (application crash) or possibly execute...
1 affected packages
lynx-cur
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lynx-cur | — | — | — | — | — |
CVE-2005-3120
Unknown priorityStack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP servers to execute arbitrary code via certain article headers containing Asian characters that cause Lynx to add extra escape (ESC) characters.
2 affected packages
lynx, lynx-cur
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| lynx | — | — | — | — | — |
| lynx-cur | — | — | — | — | — |