{"id":"CVE-2018-6197","details":"w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.","modified":"2026-04-16T06:21:22.802716241Z","published":"2018-01-25T03:29:00.603Z","related":["SUSE-SU-2019:0776-1","openSUSE-SU-2024:11504-1"],"references":[{"type":"WEB","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00028.html"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2020/04/msg00025.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/102846"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3555-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3555-2/"},{"type":"FIX","url":"https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8"},{"type":"FIX","url":"https://github.com/tats/w3m/issues/89"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tats/w3m","events":[{"introduced":"0"},{"last_affected":"5397d09e585a1938fb64bc9c5cd5daed1959eb90"},{"fixed":"7fdc83b0364005a0b5ed869230dd81752ba022e8"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"0.5.3"}]}}],"versions":["upstream/0.1.10+0.1.11pre+kokb23","upstream/0.3","upstream/0.5.1","upstream/0.5.2","upstream/0.5.3","v0.5.3+debian-19","v0.5.3+git20150203","v0.5.3+git20150509","v0.5.3+git20150623","v0.5.3+git20150720","v0.5.3+git20150811","v0.5.3+git20151010","v0.5.3+git20151119","v0.5.3+git20160228","v0.5.3+git20160511","v0.5.3+git20160718","v0.5.3+git20161009","v0.5.3+git20161031","v0.5.3+git20161120","v0.5.3+git20170102"],"database_specific":{"vanir_signatures_modified":"2026-04-11T14:11:07Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"12.04"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"17.10"}]}],"vanir_signatures":[{"deprecated":false,"digest":{"line_hashes":["234083330726384299542122429291717521713","180102379785573203008743059088392771803","215493450600643236728018898545971092305","51040730011497186161360051698764107823"],"threshold":0.9},"signature_type":"Line","target":{"file":"form.c"},"signature_version":"v1","id":"CVE-2018-6197-436a941a","source":"https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8"},{"deprecated":false,"digest":{"length":2652,"function_hash":"337574361585344692693781186140243649189"},"signature_type":"Function","target":{"function":"formUpdateBuffer","file":"form.c"},"signature_version":"v1","id":"CVE-2018-6197-a2d2436b","source":"https://github.com/tats/w3m/commit/7fdc83b0364005a0b5ed869230dd81752ba022e8"}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-6197.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}