MidnightBSD

Advisories for elinks

CVE-2002-1405 MEDIUM

CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
university_of_kansas lynx 2.8.3_rel1
university_of_kansas lynx 2.8.4
university_of_kansas lynx 2.8.3
elinks elinks 0.2.4
links links 0.96
university_of_kansas lynx 2.8.5_dev8
university_of_kansas lynx 2.8.2_rel1
elinks elinks 0.3.2
university_of_kansas lynx 2.8.4_rel1
CVE-2012-6709 MEDIUM

ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-295,

Products Affected

Vendor Product Version
elinks elinks 0.12
twibright links 2.3