Comment 0 for bug 2021476

Yue Tao (wrytao) wrote :

CVE-2022-38223: https://nvd.nist.gov/vuln/detail/CVE-2022-38223

There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.

Base Score: High

References:

https://security-tracker.debian.org/tracker/CVE-2022-38223

avahi-daemon_0.8-5_amd64.deb===>avahi-daemon_0.8-5+deb11u2_amd64.deb
libavahi-client3_0.8-5_amd64.deb===>libavahi-client3_0.8-5+deb11u2_amd64.deb
libavahi-common3_0.8-5_amd64.deb===>libavahi-common3_0.8-5+deb11u2_amd64.deb
libavahi-common-data_0.8-5_amd64.deb===>libavahi-common-data_0.8-5+deb11u2_amd64.deb
libavahi-core7_0.8-5_amd64.deb===>libavahi-core7_0.8-5+deb11u2_amd64.deb
libavahi-glib1_0.8-5_amd64.deb===>libavahi-glib1_0.8-5+deb11u2_amd64.deb