VDB

GCVE-110-MAGEIA-2017-52

GCVE-110-MAGEIA-2017-52
Advisory Published
Vulnetix · Advisory published February 20, 2017
Lynx doesn't parse the authority component of the URL correctly when the host name part ends with '?', and could instead be tricked into connecting to a different host. (CVE-2016-9179)

Affected Products

VendorProductVersionsPlatforms
Mageiacups0 (affected), 2.2.4-1.mga6 (unaffected)
Mageialynx0 (affected), 2.8.8-1.rel2.3.1.mga5 (unaffected), 0 (affected), 2.8.8-1.rel2.3.1.mga5 (unaffected)

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›