Information on source package w3m

Available versions

ReleaseVersion
bullseye0.5.3+git20210102-6+deb11u1
bookworm0.5.3+git20230121-2
trixie0.5.3+git20230121-2
sid0.5.3+git20230121-2

Open issues

BugbullseyebookwormtrixiesidDescription
CVE-2023-4255vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerableAn out-of-bounds write issue has been discovered in the backspace hand ...

Open unimportant issues

BugbullseyebookwormtrixiesidDescription
TEMP-0532514-9137E0vulnerablevulnerablevulnerablevulnerablepredictable random number generator used in web browsers
CVE-2023-38253vulnerablevulnerablevulnerablevulnerableAn out-of-bounds read flaw was found in w3m, in the growbuf_to_Str fun ...
CVE-2023-38252vulnerablevulnerablevulnerablevulnerableAn out-of-bounds read flaw was found in w3m, in the Strnew_size functi ...

Resolved issues

BugDescription
TEMP-0850432-8BD66Fmultiple new security issues
CVE-2022-38223There is an out-of-bounds write in checkType located in etc.c in w3m 0 ...
CVE-2018-6198w3m through 0.5.3 does not properly handle temporary files when the ~/ ...
CVE-2018-6197w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formU ...
CVE-2018-6196w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlinepr ...
CVE-2016-9633An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9632An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9631An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9630An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9629An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9628An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9627An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9626An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9625An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9624An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9623An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9622An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9443An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9442An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9441An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9440An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9439An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9438An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9437An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9436parsetagx.c in w3m before 0.5.3+git20161009 does not properly initiali ...
CVE-2016-9435The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 do ...
CVE-2016-9434An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9433An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9432An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9431An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9430An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9429An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9428An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9426An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9425An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9424An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9423An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2016-9422An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3 ...
CVE-2010-2074istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_se ...
CVE-2006-6772Format string vulnerability in the inputAnswer function in file.c in w ...
CVE-2002-1348w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attri ...
CVE-2002-1335Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape ...

Security announcements

DSA / DLADescription
DLA-3541-1w3m - security update
DLA-2195-1w3m - security update
DSA-251w3m - missing HTML quoting

Search for package or bug name: Reporting problems