CVE-2016-9179

Опубликовано: 03 нояб. 2016

Источник: redhat

CVSS3: 5.4

CVSS2: 5.8

EPSS Низкий

Описание

lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.

Затронутые пакеты

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	lynx	Will not fix
Red Hat Enterprise Linux 6	lynx	Will not fix
Red Hat Enterprise Linux 7	lynx	Will not fix

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

https://bugzilla.redhat.com/show_bug.cgi?id=1391861lynx: Invalid URL parsing of pages containing '?'

EPSS

Процентиль: 51%

0.00275

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2

Связанные уязвимости

CVE-2016-9179

CVSS3: 7.5

ubuntu

около 9 лет назад

lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.

CVE-2016-9179

CVSS3: 7.5

nvd

около 9 лет назад

lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.

CVE-2016-9179

CVSS3: 7.5

msrc

5 месяцев назад

It was found that Lynx doesn't parse the authority component of the URL correctly

CVE-2016-9179

CVSS3: 7.5

debian

около 9 лет назад

lynx: It was found that Lynx doesn't parse the authority component of ...

openSUSE-SU-2017:0668-1

suse-cvrf

почти 9 лет назад

Security update for lynx

EPSS

Процентиль: 51%

0.00275

Низкий

5.4 Medium

CVSS3

5.8 Medium

CVSS2