tats 関連製品全体の CVE とセキュリティ脆弱性情報を集約し、CVSS、EPSS、公開日、脆弱性情報データを掲載しています。
過去の問題は主に バッファオーバーフロー and vendor risk memory corruption などに関し、一部は vendor impact memory corruption を招き、vendor surface production workloads and vendor surface software deployment 関連の場面に影響します。
掲載データは公開脆弱性情報とセキュリティ公告に基づき、過去の暴露面と修補優先度の評価に利用できます。
| CVE | 概要 | ソース | CVSS 最大値 | EPSS(%) | 公開 | 更新 |
|---|---|---|---|---|---|---|
| CVE-2023-4255 | An out-of-bounds write issue has been discovered in the backspace handling of the checkType() function in etc.c within the W3M application. This vulnerability is triggered by supplying a specially crafted HTML file to the w3m binary. Exploitation of this flaw could lead to application crashes, resulting in a denial of service condition. | [email protected] | 5.5 | 0.32% | 2023-12-21 | 2026-06-17 |
| CVE-2023-38253 | An out-of-bounds read flaw was found in w3m, in the growbuf_to_Str function in indep.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | [email protected] | 4.7 | 0.35% | 2023-07-14 | 2026-06-17 |
| CVE-2023-38252 | An out-of-bounds read flaw was found in w3m, in the Strnew_size function in Str.c. This issue may allow an attacker to cause a denial of service through a crafted HTML file. | [email protected] | 4.7 | 0.35% | 2023-07-14 | 2026-06-17 |
| CVE-2022-38223 | There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact. | [email protected] | 7.8 | 0.44% | 2022-08-15 | 2026-06-17 |
| CVE-2018-6198 | w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink attack to overwrite arbitrary files. | [email protected] | 4.7 | 0.40% | 2018-01-25 | 2026-06-17 |
| CVE-2018-6197 | w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c. | [email protected] | 7.5 | 4.44% | 2018-01-25 | 2026-06-17 |
| CVE-2018-6196 | w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a negative indent value. | [email protected] | 7.5 | 2.99% | 2018-01-25 | 2026-06-17 |
| CVE-2016-9436 | parsetagx.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to a <i> tag. | [email protected] | 6.5 | 3.33% | 2017-01-20 | 2026-06-17 |
| CVE-2016-9435 | The HTMLtagproc1 function in file.c in w3m before 0.5.3+git20161009 does not properly initialize values, which allows remote attackers to crash the application via a crafted html file, related to <dd> tags. | [email protected] | 6.5 | 3.33% | 2017-01-20 | 2026-06-17 |
| CVE-2016-9633 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (infinite loop and resource consumption) via a crafted HTML page. | [email protected] | 6.5 | 1.78% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9632 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. | [email protected] | 6.5 | 1.89% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9631 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | [email protected] | 6.5 | 1.78% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9630 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (global buffer overflow and crash) via a crafted HTML page. | [email protected] | 6.5 | 1.94% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9629 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | [email protected] | 6.5 | 2.42% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9628 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | [email protected] | 6.5 | 2.34% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9627 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (heap buffer overflow and crash) via a crafted HTML page. | [email protected] | 6.5 | 2.57% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9626 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | [email protected] | 6.5 | 2.41% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9625 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. Infinite recursion vulnerability in w3m allows remote attackers to cause a denial of service via a crafted HTML page. | [email protected] | 6.5 | 1.82% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9624 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | [email protected] | 6.5 | 1.77% | 2016-12-12 | 2026-06-17 |
| CVE-2016-9623 | An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-33. w3m allows remote attackers to cause a denial of service (segmentation fault and crash) via a crafted HTML page. | [email protected] | 6.5 | 1.77% | 2016-12-12 | 2026-06-17 |