CVE-2023-38252

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2023-38252
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-38252.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2023-38252
Downstream
Related
Published
2023-07-14T18:15:10.990Z
Modified
2025-11-15T06:42:38.167426Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file.

References

Affected packages

Git / github.com/tats/w3m

Affected ranges

Type
GIT
Repo
https://github.com/tats/w3m
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
c8223fed7cc631ad85d8e5665e509e7988bedbab

Affected versions

Other

inu-0-2-2-base
release-0-2-1-inu-1-5
release-0-2-2
release-0-2-3
release-0-2-3-1
release-0-2-3-2
release-0-2-4
release-0-2-5
release-0-3
release-0-3-1
release-0-3-2
release-0-3-2-rc1
release-0-3-2-rc2
release-0-3-2-rc3
release-0-3-2-rc4
release-0-4
release-0-4-1
release-0-4-2
release-0-4-rc1
release-0-4-rc2
release-0-4-rc3
release-0-5
release-0-5-1
release-0-5-2
release-0-5-3

upstream/0.*

upstream/0.1.10+0.1.11pre+kokb23
upstream/0.3
upstream/0.5.1
upstream/0.5.2
upstream/0.5.3

v0.*

v0.5.3+debian-19
v0.5.3+git20150203
v0.5.3+git20150509
v0.5.3+git20150623
v0.5.3+git20150720
v0.5.3+git20150811
v0.5.3+git20151010
v0.5.3+git20151119
v0.5.3+git20160228
v0.5.3+git20160511
v0.5.3+git20160718
v0.5.3+git20161009
v0.5.3+git20161031
v0.5.3+git20161120
v0.5.3+git20170102
v0.5.3+git20180125
v0.5.3+git20190105
v0.5.3+git20200502
v0.5.3+git20210102
v0.5.3+git20220429
v0.5.3+git20230121

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-38252.json"