[Debian] CVE: CVE-2022-38223: w3m: an attacker to cause Denial of Service
Bug #2021476 reported by
Yue Tao
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
StarlingX |
Fix Released
|
High
|
hqbai |
Bug Description
CVE-2022-38223: https:/
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
Base Score: High
References:
https:/
['w3m_0.
CVE References
Changed in starlingx: | |
assignee: | nobody → hqbai (hbai) |
description: | updated |
To post a comment you must log in.
Fix proposed to branch: master /review. opendev. org/c/starlingx /tools/ +/886234
Review: https:/