4 matches found
MGASA-2024-0105 Updated w3m packages fix security vulnerabilities
An out-of-bounds read flaw was found in w3m, in the Strnewsize function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. CVE-2023-38252 An out-of-bounds read flaw was found in w3m, in the growbuftoStr function in indep.c. This issue may allow an...
Updated w3m packages fix security vulnerabilities
An out-of-bounds read flaw was found in w3m, in the Strnewsize function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. CVE-2023-38252 An out-of-bounds read flaw was found in w3m, in the growbuftoStr function in indep.c. This issue may allow an...
MGASA-2023-0006 Updated w3m packages fix security vulnerability
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. CVE-2022-38223...
Moderate: Red Hat Security Advisory: : Updated w3m packages fix cross-site scripting issues
New w3m packages are available that fix two cross-site scripting issues. w3m is a pager with Web browsing capabilities. Two cross-site scripting XSS issues have been found in w3m. An XSS vulnerability in w3m 0.3.2 allows remote attackers to insert arbitrary HTML and web script into frames. Frames...