{"id":"CVE-2017-1000211","details":"Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a chunk onto itself.","modified":"2026-04-16T06:18:41.333567715Z","published":"2017-11-17T15:29:00.310Z","related":["SUSE-SU-2017:3180-1"],"references":[{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2017/11/msg00021.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/102180"},{"type":"ADVISORY","url":"https://github.com/ThomasDickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9"},{"type":"ADVISORY","url":"http://lynx.invisible-island.net/current/CHANGES.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ThomasDickey/lynx-snapshots","events":[{"introduced":"0"},{"last_affected":"f3c226747c841f40c7a86c1dd07b478114dfcd6c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.8.9-dev15"}]}},{"type":"GIT","repo":"https://github.com/thomasdickey/lynx-snapshots","events":[{"introduced":"0"},{"fixed":"280a61b300a1614f6037efc0902ff7ecf17146e9"}]}],"versions":["2-8rel_3","v2-7-1","v2-7-1ac-0_111","v2-7-1ac-0_113","v2-7-1ac-0_114","v2-7-1ac-0_115","v2-7-1ac-0_117","v2-7-1ac_0-102","v2-7-1ac_0-105","v2-7-1ac_0-106","v2-7-1ac_0-110","v2-7-1ac_0-28","v2-7-1ac_0-30","v2-7-1ac_0-36","v2-7-1ac_0-38","v2-7-1ac_0-39","v2-7-1ac_0-42","v2-7-1ac_0-43","v2-7-1ac_0-45","v2-7-1ac_0-46","v2-7-1ac_0-47","v2-7-1ac_0-48","v2-7-1ac_0-52","v2-7-1ac_0-55","v2-7-1ac_0-56","v2-7-1ac_0-57","v2-7-1ac_0-58","v2-7-1ac_0-6","v2-7-1ac_0-60","v2-7-1ac_0-64","v2-7-1ac_0-67","v2-7-1ac_0-68","v2-7-1ac_0-69","v2-7-1ac_0-76","v2-7-1ac_0-84","v2-7-1ac_0-89","v2-7-1ac_0-93","v2-7-1ac_0-95","v2-7-1ac_0-97","v2-8-1dev_10","v2-8-1dev_11","v2-8-1dev_12","v2-8-1dev_13","v2-8-1dev_14","v2-8-1dev_16","v2-8-1dev_17","v2-8-1dev_18","v2-8-1dev_19","v2-8-1dev_2","v2-8-1dev_20","v2-8-1dev_21","v2-8-1dev_22","v2-8-1dev_23","v2-8-1dev_24","v2-8-1dev_25","v2-8-1dev_26","v2-8-1dev_28","v2-8-1dev_29","v2-8-1dev_3","v2-8-1dev_4","v2-8-1dev_5","v2-8-1dev_6","v2-8-1dev_7","v2-8-1dev_8","v2-8-1dev_9","v2-8-1pre_1","v2-8-1pre_10","v2-8-1pre_11","v2-8-1pre_2","v2-8-1pre_3","v2-8-1pre_4","v2-8-1pre_5","v2-8-1pre_6","v2-8-1pre_7","v2-8-1pre_8","v2-8-1pre_9","v2-8-1rel_1","v2-8-1rel_2","v2-8-2dev_1","v2-8-2dev_10","v2-8-2dev_11","v2-8-2dev_12","v2-8-2dev_13","v2-8-2dev_14","v2-8-2dev_15","v2-8-2dev_16","v2-8-2dev_17","v2-8-2dev_18","v2-8-2dev_19","v2-8-2dev_2","v2-8-2dev_20","v2-8-2dev_21","v2-8-2dev_22","v2-8-2dev_23","v2-8-2dev_24","v2-8-2dev_25","v2-8-2dev_26","v2-8-2dev_3","v2-8-2dev_4","v2-8-2dev_5","v2-8-2dev_6","v2-8-2dev_7","v2-8-2dev_8","v2-8-2dev_9","v2-8-2pre_1","v2-8-2pre_10","v2-8-2pre_11","v2-8-2pre_2","v2-8-2pre_3","v2-8-2pre_4","v2-8-2pre_5","v2-8-2pre_6","v2-8-2pre_7","v2-8-2pre_8","v2-8-2pre_9","v2-8-2rel_1","v2-8-3_3","v2-8-3dev_1","v2-8-3dev_10","v2-8-3dev_11","v2-8-3dev_12","v2-8-3dev_13","v2-8-3dev_14","v2-8-3dev_15","v2-8-3dev_16","v2-8-3dev_17","v2-8-3dev_18","v2-8-3dev_19","v2-8-3dev_2","v2-8-3dev_20","v2-8-3dev_21","v2-8-3dev_22","v2-8-3dev_23","v2-8-3dev_4","v2-8-3dev_5","v2-8-3dev_6","v2-8-3dev_7","v2-8-3dev_9","v2-8-3pre_1","v2-8-3pre_2","v2-8-3pre_3","v2-8-3pre_4","v2-8-3pre_5","v2-8-3pre_6","v2-8-3pre_7","v2-8-3pre_8","v2-8-3rel_1","v2-8-4dev_1","v2-8-4dev_10","v2-8-4dev_11","v2-8-4dev_12","v2-8-4dev_13","v2-8-4dev_14","v2-8-4dev_15","v2-8-4dev_16","v2-8-4dev_17","v2-8-4dev_18","v2-8-4dev_19","v2-8-4dev_2","v2-8-4dev_20","v2-8-4dev_21","v2-8-4dev_3","v2-8-4dev_4","v2-8-4dev_5","v2-8-4dev_6","v2-8-4dev_7","v2-8-4dev_8","v2-8-4dev_9","v2-8-4pre_1","v2-8-4pre_2","v2-8-4pre_3","v2-8-4pre_4","v2-8-4pre_5","v2-8-4rel_1","v2-8-5dev_1","v2-8-5dev_11","v2-8-5dev_12","v2-8-5dev_13","v2-8-5dev_14","v2-8-5dev_15","v2-8-5dev_16","v2-8-5dev_17","v2-8-5dev_2","v2-8-5dev_3","v2-8-5dev_4","v2-8-5dev_5","v2-8-5dev_6","v2-8-5dev_7","v2-8-5dev_8","v2-8-5dev_9","v2-8-5pre_1","v2-8-5pre_2","v2-8-5pre_3","v2-8-5pre_4","v2-8-5pre_5","v2-8-5rel_1","v2-8-6dev_1","v2-8-6dev_10","v2-8-6dev_11","v2-8-6dev_12","v2-8-6dev_13","v2-8-6dev_14","v2-8-6dev_15","v2-8-6dev_16","v2-8-6dev_17","v2-8-6dev_18","v2-8-6dev_19","v2-8-6dev_2","v2-8-6dev_3","v2-8-6dev_4","v2-8-6dev_5","v2-8-6dev_6","v2-8-6dev_7","v2-8-6dev_8","v2-8-6dev_9","v2-8-6pre_2","v2-8-6pre_3","v2-8-6pre_4","v2-8-6pre_5","v2-8-6pre_6","v2-8-6rel_1","v2-8-6rel_2","v2-8-7dev_1","v2-8-7dev_10","v2-8-7dev_10b","v2-8-7dev_10c","v2-8-7dev_10d","v2-8-7dev_10e","v2-8-7dev_11","v2-8-7dev_11a","v2-8-7dev_11b","v2-8-7dev_11c","v2-8-7dev_11d","v2-8-7dev_12","v2-8-7dev_12a","v2-8-7dev_12b","v2-8-7dev_12c","v2-8-7dev_12d","v2-8-7dev_12e","v2-8-7dev_12f","v2-8-7dev_12g","v2-8-7dev_13","v2-8-7dev_13b","v2-8-7dev_13c","v2-8-7dev_13d","v2-8-7dev_15f","v2-8-7dev_2","v2-8-7dev_3","v2-8-7dev_4","v2-8-7dev_4a","v2-8-7dev_4b","v2-8-7dev_4c","v2-8-7dev_4d","v2-8-7dev_4e","v2-8-7dev_4f","v2-8-7dev_5","v2-8-7dev_5a","v2-8-7dev_5b","v2-8-7dev_5c","v2-8-7dev_5d","v2-8-7dev_5e","v2-8-7dev_5f","v2-8-7dev_6","v2-8-7dev_7","v2-8-7dev_7a","v2-8-7dev_7b","v2-8-7dev_7c","v2-8-7dev_7d","v2-8-7dev_7e","v2-8-7dev_8","v2-8-7dev_8a","v2-8-7dev_8b","v2-8-7dev_8c","v2-8-7dev_9","v2-8-7dev_9a","v2-8-7dev_9b","v2-8-7dev_9c","v2-8-7dev_9d","v2-8-7dev_9e","v2-8-7dev_9f","v2-8-7dev_9g","v2-8-7dev_9h","v2-8-7dev_9i","v2-8-7dev_9j","v2-8-7dev_9k","v2-8-7dev_9m","v2-8-7dev_9n","v2-8-7dev_c-pbm","v2-8-7pre_1","v2-8-7pre_1a","v2-8-7pre_1b","v2-8-7pre_2","v2-8-7pre_2a","v2-8-7pre_2b","v2-8-7pre_2c","v2-8-7pre_2d","v2-8-7pre_3","v2-8-7pre_3a","v2-8-7pre_4","v2-8-7pre_4a","v2-8-7pre_4b","v2-8-7pre_5","v2-8-7pre_5b","v2-8-7pre_5c","v2-8-7pre_6","v2-8-7pre_6b","v2-8-7rel_1","v2-8-8deb_11b","v2-8-8dev-15b","v2-8-8dev-15c","v2-8-8dev-15j","v2-8-8dev_0a","v2-8-8dev_0b","v2-8-8dev_1","v2-8-8dev_10","v2-8-8dev_10a","v2-8-8dev_10b","v2-8-8dev_11","v2-8-8dev_11a","v2-8-8dev_12","v2-8-8dev_12a","v2-8-8dev_12b","v2-8-8dev_12c","v2-8-8dev_12d","v2-8-8dev_12e","v2-8-8dev_12f","v2-8-8dev_12g","v2-8-8dev_12h","v2-8-8dev_12i","v2-8-8dev_12j","v2-8-8dev_12k","v2-8-8dev_12l","v2-8-8dev_12m","v2-8-8dev_13","v2-8-8dev_14","v2-8-8dev_14a","v2-8-8dev_14b","v2-8-8dev_14c","v2-8-8dev_14d","v2-8-8dev_14e","v2-8-8dev_14f","v2-8-8dev_14g","v2-8-8dev_14h","v2-8-8dev_14i","v2-8-8dev_14j","v2-8-8dev_15","v2-8-8dev_15d","v2-8-8dev_15e","v2-8-8dev_15g","v2-8-8dev_15h","v2-8-8dev_15i","v2-8-8dev_16","v2-8-8dev_16a","v2-8-8dev_16b","v2-8-8dev_16c","v2-8-8dev_16d","v2-8-8dev_16e","v2-8-8dev_16f","v2-8-8dev_16g","v2-8-8dev_16h","v2-8-8dev_16i","v2-8-8dev_16j","v2-8-8dev_16k","v2-8-8dev_16l","v2-8-8dev_16m","v2-8-8dev_16n","v2-8-8dev_16o","v2-8-8dev_16p","v2-8-8dev_16q","v2-8-8dev_16r","v2-8-8dev_16s","v2-8-8dev_16t","v2-8-8dev_16u","v2-8-8dev_16v","v2-8-8dev_16w","v2-8-8dev_16x","v2-8-8dev_17","v2-8-8dev_1a","v2-8-8dev_1c","v2-8-8dev_1d","v2-8-8dev_2","v2-8-8dev_2a","v2-8-8dev_2b","v2-8-8dev_2c","v2-8-8dev_2d","v2-8-8dev_2e","v2-8-8dev_2f","v2-8-8dev_2g","v2-8-8dev_2h","v2-8-8dev_2i","v2-8-8dev_3","v2-8-8dev_3a","v2-8-8dev_3b","v2-8-8dev_3c","v2-8-8dev_3d","v2-8-8dev_3e","v2-8-8dev_3f","v2-8-8dev_3g","v2-8-8dev_3h","v2-8-8dev_3i","v2-8-8dev_4","v2-8-8dev_4a","v2-8-8dev_4b","v2-8-8dev_5","v2-8-8dev_5a","v2-8-8dev_5b","v2-8-8dev_5c","v2-8-8dev_5d","v2-8-8dev_5e","v2-8-8dev_5f","v2-8-8dev_5g","v2-8-8dev_6","v2-8-8dev_6a","v2-8-8dev_6b","v2-8-8dev_6c","v2-8-8dev_6d","v2-8-8dev_6e","v2-8-8dev_6f","v2-8-8dev_6g","v2-8-8dev_7","v2-8-8dev_7a","v2-8-8dev_8","v2-8-8dev_8a","v2-8-8dev_8b","v2-8-8dev_8c","v2-8-8dev_8d","v2-8-8dev_8e","v2-8-8dev_8f","v2-8-8dev_8g","v2-8-8dev_8h","v2-8-8dev_8i","v2-8-8dev_8j","v2-8-8dev_8k","v2-8-8dev_8l","v2-8-8dev_8m","v2-8-8dev_8n","v2-8-8dev_9","v2-8-8dev_9a","v2-8-8dev_9b","v2-8-8dev_9c","v2-8-8dev_9d","v2-8-8dev_9e","v2-8-8dev_9f","v2-8-8dev_9g","v2-8-8dev_9h","v2-8-8dev_9i","v2-8-8dev_9j","v2-8-8dev_9k","v2-8-8dev_9l","v2-8-8dev_9m","v2-8-8dev_9n","v2-8-8dev_9o","v2-8-8pre_1","v2-8-8pre_1a","v2-8-8pre_1b","v2-8-8pre_1c","v2-8-8pre_1d","v2-8-8pre_1e","v2-8-8pre_2","v2-8-8pre_2a","v2-8-8pre_2b","v2-8-8pre_3","v2-8-8pre_3a","v2-8-8pre_3b","v2-8-8pre_3c","v2-8-8pre_4","v2-8-8pre_4a","v2-8-8pre_4b","v2-8-8pre_4c","v2-8-8pre_4d","v2-8-8pre_4e","v2-8-8pre_4f","v2-8-8pre_4g","v2-8-8pre_5","v2-8-8rel_1","v2-8-8rel_1a","v2-8-8rel_1b","v2-8-8rel_1c","v2-8-8rel_1d","v2-8-8rel_2","v2-8-9dev_1","v2-8-9dev_10","v2-8-9dev_10a","v2-8-9dev_11","v2-8-9dev_11a","v2-8-9dev_11b","v2-8-9dev_11c","v2-8-9dev_11d","v2-8-9dev_11e","v2-8-9dev_11g","v2-8-9dev_11h","v2-8-9dev_11j","v2-8-9dev_11k","v2-8-9dev_11l","v2-8-9dev_11m","v2-8-9dev_11n","v2-8-9dev_11o","v2-8-9dev_11p","v2-8-9dev_11q","v2-8-9dev_11r","v2-8-9dev_12","v2-8-9dev_12a","v2-8-9dev_13","v2-8-9dev_13a","v2-8-9dev_13b","v2-8-9dev_13c","v2-8-9dev_14","v2-8-9dev_14a","v2-8-9dev_14b","v2-8-9dev_14c","v2-8-9dev_14d","v2-8-9dev_14e","v2-8-9dev_14f","v2-8-9dev_15","v2-8-9dev_15a","v2-8-9dev_15b","v2-8-9dev_15c","v2-8-9dev_15d","v2-8-9dev_15e","v2-8-9dev_15f","v2-8-9dev_15g","v2-8-9dev_16","v2-8-9dev_1a","v2-8-9dev_1b","v2-8-9dev_1c","v2-8-9dev_1d","v2-8-9dev_1e","v2-8-9dev_1f","v2-8-9dev_1g","v2-8-9dev_1h","v2-8-9dev_1i","v2-8-9dev_2","v2-8-9dev_2a","v2-8-9dev_2b","v2-8-9dev_2c","v2-8-9dev_3a","v2-8-9dev_4","v2-8-9dev_4a","v2-8-9dev_4b","v2-8-9dev_5","v2-8-9dev_5a","v2-8-9dev_5b","v2-8-9dev_5c","v2-8-9dev_5d","v2-8-9dev_5e","v2-8-9dev_5f","v2-8-9dev_5g","v2-8-9dev_6","v2-8-9dev_6a","v2-8-9dev_6b","v2-8-9dev_6c","v2-8-9dev_6d","v2-8-9dev_6e","v2-8-9dev_6f","v2-8-9dev_6g","v2-8-9dev_6h","v2-8-9dev_6i","v2-8-9dev_6j","v2-8-9dev_6k","v2-8-9dev_6l","v2-8-9dev_6m","v2-8-9dev_6n","v2-8-9dev_6o","v2-8-9dev_6p","v2-8-9dev_6q","v2-8-9dev_6r","v2-8-9dev_6s","v2-8-9dev_7","v2-8-9dev_7a","v2-8-9dev_8","v2-8-9dev_8a","v2-8-9dev_8b","v2-8-9dev_8c","v2-8-9dev_8d","v2-8-9dev_9","v2-8-9dev_9a","v2-8-9dev_9b","v2-8-9dev_9c","v2-8-9dev_9d","v2-8-9dev_9e","v2-8-9dev_9f","v2-8-9dev_9g","v2-8-9dev_9h","v2-8-9dev_9i","v2-8-9dev_9j","v2-8-9dev_9k","v2-8pre_2","v2-8pre_3","v2-8pre_4","v2-8pre_5","v2-8rel_1","v2_6","v2_6_961130","v2_6fm_970129","v2_6fm_970206","v2_6fm_970209","v2_7","v2_8_8dev_6c","v2_8_8dev_6d","v2_8_8dev_8a","v2_8_8dev_8b","v2_8_8dev_9a","v2_8_8dev_9b","v2_8_8dev_9c"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000211.json","vanir_signatures_modified":"2026-04-11T03:56:45Z","vanir_signatures":[{"id":"CVE-2017-1000211-0e44be72","source":"https://github.com/thomasdickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9","signature_version":"v1","target":{"file":"src/HTML.c"},"digest":{"line_hashes":["276839244041874253570716174498195113638","307313134925977423242669220638044571015","138471024090996347877172975038942003109","38578827775557295977188478865522106010","110202609554451055184914786519942653828","23538530354550592995262881671355683419","79430180806067039076195305377639297800","55074426441029647376758328889087463288","3329120400151045882173454259733388426","120739159841392223983970639681273638075","122459131643402643921618828426843906689","299006699557291525540079984182083068289","64185396801546596709603834300295942789","243963935790960629377563581495005918140","117537319363288467654856474891996104371","297470778873332004540178574241275155980","278090903608714666961036483297682549639","101342505753597164020756215211144041648","89767970756697346388065157250709990627","126299550969772521555373646403212372434","214223916378735274028816894264026879274","77759529769371009645296606445069848711","7185927236794311802030527710850114899","276016807517611968322827676265961971776","74350536191421510730911868521372287158","47852397670890322263799896502415851986","112841107492005538712845046354219144262","102514329368412264853660561048453178848","208647209538448564612630161310793050153","108587633537507210242609878158511307392","317713673196000103948125696324209305928","65623567037517039063726813147792559939","68590562356389739011233555522011571148"],"threshold":0.9},"deprecated":false,"signature_type":"Line"},{"signature_type":"Function","id":"CVE-2017-1000211-a1743f3b","signature_version":"v1","target":{"file":"src/HTML.c","function":"HTML_put_string"},"digest":{"length":2457,"function_hash":"27363568686723496792149262710242149081"},"deprecated":false,"source":"https://github.com/thomasdickey/lynx-snapshots/commit/280a61b300a1614f6037efc0902ff7ecf17146e9"}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"}]}