CVE-2022-38223: https://nvd.nist.gov/vuln/detail/CVE-2022-38223
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
Base Score: High
References:
https://security-tracker.debian.org/tracker/CVE-2022-38223
['avahi-daemon_0.8-5_amd64.deb===>avahi-daemon_0.8-5+deb11u2_amd64.deb', 'libavahi-client3_0.8-5_amd64.deb===>libavahi-client3_0.8-5+deb11u2_amd64.deb', 'libavahi-common3_0.8-5_amd64.deb===>libavahi-common3_0.8-5+deb11u2_amd64.deb', 'libavahi-common-data_0.8-5_amd64.deb===>libavahi-common-data_0.8-5+deb11u2_amd64.deb', 'libavahi-core7_0.8-5_amd64.deb===>libavahi-core7_0.8-5+deb11u2_amd64.deb', 'libavahi-glib1_0.8-5_amd64.deb===>libavahi-glib1_0.8-5+deb11u2_amd64.deb']
CVE-2022-38223: https:/ /nvd.nist. gov/vuln/ detail/ CVE-2022- 38223
There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.
Base Score: High
References:
https:/ /security- tracker. debian. org/tracker/ CVE-2022- 38223
['avahi- daemon_ 0.8-5_amd64. deb===> avahi-daemon_ 0.8-5+deb11u2_ amd64.deb' , 'libavahi- client3_ 0.8-5_amd64. deb===> libavahi- client3_ 0.8-5+deb11u2_ amd64.deb' , 'libavahi- common3_ 0.8-5_amd64. deb===> libavahi- common3_ 0.8-5+deb11u2_ amd64.deb' , 'libavahi- common- data_0. 8-5_amd64. deb===> libavahi- common- data_0. 8-5+deb11u2_ amd64.deb' , 'libavahi- core7_0. 8-5_amd64. deb===> libavahi- core7_0. 8-5+deb11u2_ amd64.deb' , 'libavahi- glib1_0. 8-5_amd64. deb===> libavahi- glib1_0. 8-5+deb11u2_ amd64.deb' ]