Dismissed suggestions Untriaged suggestions Draft issues Published issues Automatically generated suggestions Create Draft to queue a suggestion for refinement. Dismiss to remove a suggestion from the queue. CVE-2023-4255 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 2 months ago W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223) An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. w3m pkgs.w3m-nox Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 pkgs.w3m-full Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 pkgs.w3m-batch Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 pkgs.w3m-nographics Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 Package maintainers: 2 @anthonyroussel Anthony Roussel <anthony@roussel.dev> @toastal toastal <toastal+nix@posteo.net>
CVE-2023-4255 5.5 MEDIUM CVSS version: 3.1 Attack vector (AV): LOCAL Attack complexity (AC): LOW Privileges required (PR): NONE User interaction (UI): REQUIRED Scope (S): UNCHANGED Confidentiality impact (C): NONE Integrity impact (I): NONE Availability impact (A): HIGH created 2 months ago W3m: out-of-bounds write in function checktype() in etc.c (incomplete fix for cve-2022-38223) An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. w3m pkgs.w3m-nox Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 pkgs.w3m-full Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 pkgs.w3m-batch Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 pkgs.w3m-nographics Text-mode web browser nixos-unstable ??? nixpkgs-unstable 0.5.5 Package maintainers: 2 @anthonyroussel Anthony Roussel <anthony@roussel.dev> @toastal toastal <toastal+nix@posteo.net>