Nixpkgs security tracker
Untriaged
Permalink
CVE-2023-38253
4.7 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): LOCAL
- Attack complexity (AC): HIGH
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): HIGH
W3m: out of bounds read in growbuf_to_str() at w3m/indep.c
An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.
References
-
-
-
-
-
https://github.com/tats/w3m/issues/271 x_transferred
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
https://github.com/tats/w3m/issues/271 x_transferred
-
-
-
-
-
https://github.com/tats/w3m/issues/271 x_transferred
Affected products
w3m
Matching in nixpkgs
pkgs.w3m-nox
Text-mode web browser
-
nixos-unstable 0.5.3+git20230121
- nixpkgs-unstable 0.5.3+git20230121
- nixos-unstable-small 0.5.3+git20230121
pkgs.w3m-full
Text-mode web browser
-
nixos-unstable 0.5.3+git20230121
- nixpkgs-unstable 0.5.3+git20230121
- nixos-unstable-small 0.5.3+git20230121
pkgs.w3m-batch
Text-mode web browser
-
nixos-unstable 0.5.3+git20230121
- nixpkgs-unstable 0.5.3+git20230121
- nixos-unstable-small 0.5.3+git20230121
pkgs.w3m-nographics
Text-mode web browser
-
nixos-unstable 0.5.3+git20230121
- nixpkgs-unstable 0.5.3+git20230121
- nixos-unstable-small 0.5.3+git20230121
pkgs.emacsPackages.w3m
None
-
nixos-unstable w3m-20240712.248
- nixpkgs-unstable w3m-20240712.248
- nixos-unstable-small w3m-20240712.248
pkgs.emacsPackages.helm-w3m
None
-
nixos-unstable w3m-20210315.723
- nixpkgs-unstable w3m-20210315.723
- nixos-unstable-small w3m-20210315.723
pkgs.emacsPackages.dic-lookup-w3m
None
-
nixos-unstable w3m-20180526.1621
- nixpkgs-unstable w3m-20180526.1621
- nixos-unstable-small w3m-20180526.1621
Package maintainers
-
@anthonyroussel Anthony Roussel <anthony@roussel.dev>