VYPR

W3m

by Tats

Source repositories

CVEs (42)

  • CVE-2010-2074Jun 16, 2010
    risk 0.00cvss epss 0.01

    istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle…

  • CVE-2002-1348Feb 19, 2003
    risk 0.00cvss epss 0.02

    w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.

Page 3 of 3