CVE-2016-9179

Published

Last updated

NVD

https://nvd.nist.gov/vuln/detail/CVE-2016-9179

Severity

7.5

High

CVSS V3

Description

lynx: It was found that Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host.

References

https://images.chainguard.dev/security/CGA-wmqx-m758-722x
https://github.com/advisories/GHSA-r2wx-qjhc-7h6p
http://www.openwall.com/lists/oss-security/2016/11/04/1
http://www.securityfocus.com/bid/94215

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

Product

Chainguard Containers Chainguard Libraries Chainguard VMs Integrations Pricing

Solutions

FedRAMP PCI DSS Golden Images CVE Remediation Public Sector

Customers

Customer Stories Chainguard Reviews

Resources

Events & Webinars Chainguard Courses Documentation Trust Center

Company

About Us Blog Partners Newsroom Careers Legal