CVE-2021-38165 log

Severity High
Remote Yes
Type Information disclosure
HTParse in Lynx through 2.8.9 mishandles the userinfo subcomponent of a URI, which allows remote attackers to discover cleartext credentials because they may appear in SNI data or HTTP headers.
Group Package Affected Fixed Severity Status Ticket
AVG-2261 lynx 2.8.9-3 2.8.9-4 High Fixed FS#71764
Date Advisory Group Package Severity Type
10 Aug 2021 ASA-202108-9 AVG-2261 lynx High information disclosure