VDB

DEBIAN-CVE-2023-38252

DEBIAN-CVE-2023-38252 PUBLISHED CVSS 5.5 MEDIUM

An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

Risk Scores

CVSS 3.1
5.5
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products

VendorProductVersions
Debian:14w3m0, *, 0.5.3+git20230121-2.3
Debian:11w3m*, 0, 0.5.3+git20210102-6
Debian:12w3m0, 0.5.3+git20230121-2.2, 0.5.3+git20230121-2.3
Debian:13w3m0, 0.5.3+git20230121-2.3, *

Timeline

  • Jul 14, 2023 CVE Published
  • Apr 28, 2026 CVE Updated
Open in Interactive Console →
$ Console Community · 100/wk Open console ›