W3m
by Tats
Source repositories
CVEs (42)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-2074 | 0.00 | — | 0.01 | Jun 16, 2010 | istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle… | |||
| CVE-2002-1348 | 0.00 | — | 0.02 | Feb 19, 2003 | w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies. |
- CVE-2010-2074Jun 16, 2010risk 0.00cvss —epss 0.01
istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not properly handle a '\0' character in a domain name in the (1) subject's Common Name or (2) Subject Alternative Name field of an X.509 certificate, which allows man-in-the-middle…
- CVE-2002-1348Feb 19, 2003risk 0.00cvss —epss 0.02
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.
Page 3 of 3