Lynx Project: >> Lynx >> 0.2.1 Security Vulnerabilities
Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data.
CVSS Score
5.3
EPSS Score
0.032
Published
2021-08-07
The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-01-10