{"id":"MGASA-2023-0006","summary":"Updated w3m packages fix security vulnerability","details":"There is an out-of-bounds write in checkType located in etc.c in w3m\n0.5.3. It can be triggered by sending a crafted HTML file to the w3m\nbinary. It allows an attacker to cause Denial of Service or possibly have\nunspecified other impact. (CVE-2022-38223)\n","modified":"2026-04-16T04:44:32.508482399Z","published":"2023-01-13T17:37:09Z","upstream":["CVE-2022-38223"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0006.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31365"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/NRRZMTLG3YT6U3PSGJOAMLDNLRF2EUOP/"}],"affected":[{"package":{"name":"w3m","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/w3m?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.5.3-13.git20220429.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0006.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}