Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie

Type deb

Namespace debian

Name epiphany-browser

Version 50.3-2

Qualifiers

distro	trixie

Subpath

Is_vulnerable false

Next_non_vulnerable_version null

Latest_non_vulnerable_version null

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-4ayz-e7qd-q3hv

vulnerability_id VCID-4ayz-e7qd-q3hv

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-45085

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52171
published_at	2026-04-01T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52214
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52242
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52206
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52259
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52254
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52305
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52289
published_at	2026-04-12T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52275
published_at	2026-04-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52313
published_at	2026-04-16T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52316
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-45085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088

reference_url	https://usn.ubuntu.com/5561-1/
reference_id	USN-5561-1
reference_type
scores
url	https://usn.ubuntu.com/5561-1/

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2021-45085

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4ayz-e7qd-q3hv

url VCID-bpgn-654d-5kh6

vulnerability_id VCID-bpgn-654d-5kh6

summary In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2023-26081

reference_id

reference_type

scores

value	0.00176
scoring_system	epss
scoring_elements	0.39103
published_at	2026-04-02T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39125
published_at	2026-04-04T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39044
published_at	2026-04-07T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39099
published_at	2026-04-08T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39116
published_at	2026-04-09T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39128
published_at	2026-04-11T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.3909
published_at	2026-04-12T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.3907
published_at	2026-04-13T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39126
published_at	2026-04-16T12:55:00Z

value	0.00176
scoring_system	epss
scoring_elements	0.39096
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2023-26081

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26081
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26081

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031727
reference_id	1031727
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031727

reference_url

https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275

reference_id

1275

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/

url

https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275

reference_url

https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x

reference_id

GHSA-mhhf-w9xw-pp9x

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/

url

https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/

reference_id

IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/

reference_url

https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html

reference_id

msg00015.html

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/

url

https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html

reference_url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/

reference_id

SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV

reference_type

scores

value	7.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/

url

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/

fixed_packages

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2023-26081

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bpgn-654d-5kh6

url VCID-cdnq-ar2x-rfc4

vulnerability_id VCID-cdnq-ar2x-rfc4

summary The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.

references

reference_url	http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html
reference_id
reference_type
scores
url	http://lists.grok.org.uk/pipermail/full-disclosure/2005-February/031459.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2005-0238

reference_id

reference_type

scores

value	0.00748
scoring_system	epss
scoring_elements	0.73149
published_at	2026-04-18T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73045
published_at	2026-04-01T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73054
published_at	2026-04-02T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73075
published_at	2026-04-04T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73049
published_at	2026-04-07T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73086
published_at	2026-04-08T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73098
published_at	2026-04-09T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73123
published_at	2026-04-11T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73103
published_at	2026-04-12T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.73097
published_at	2026-04-13T12:55:00Z

value	0.00748
scoring_system	epss
scoring_elements	0.7314
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2005-0238

reference_url	https://bugzilla.redhat.com/beta/show_bug.cgi?id=147399
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/beta/show_bug.cgi?id=147399

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0238
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0238

reference_url	https://exchange.xforce.ibmcloud.com/vulnerabilities/19236
reference_id
reference_type
scores
url	https://exchange.xforce.ibmcloud.com/vulnerabilities/19236

reference_url	http://www.securityfocus.com/bid/12461
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/12461

reference_url	http://www.shmoo.com/idn
reference_id
reference_type
scores
url	http://www.shmoo.com/idn

reference_url	http://www.shmoo.com/idn/homograph.txt
reference_id
reference_type
scores
url	http://www.shmoo.com/idn/homograph.txt

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany::::::::
reference_id	cpe:2.3:a:gnome:epiphany::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:camino:0.8.5:::::::*
reference_id	cpe:2.3:a:mozilla:camino:0.8.5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:camino:0.8.5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla::::::::
reference_id	cpe:2.3:a:mozilla:mozilla::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mozilla:mozilla::::::::

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:omnigroup:omniweb:5:::::::*
reference_id	cpe:2.3:a:omnigroup:omniweb:5:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:omnigroup:omniweb:5:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opera:opera_browser::::::::
reference_id	cpe:2.3:a:opera:opera_browser::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:opera:opera_browser::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2005-0238

reference_id

CVE-2005-0238

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2005-0238

fixed_packages

url	pkg:deb/debian/epiphany-browser@1.4.8-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@1.4.8-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@1.4.8-2%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2005-0238

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cdnq-ar2x-rfc4

url VCID-drpr-qvbq-c7ep

vulnerability_id VCID-drpr-qvbq-c7ep

summary A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2022-29536

reference_id

reference_type

scores

value	0.00151
scoring_system	epss
scoring_elements	0.35761
published_at	2026-04-18T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35863
published_at	2026-04-02T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.3589
published_at	2026-04-04T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.3572
published_at	2026-04-07T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35766
published_at	2026-04-08T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35789
published_at	2026-04-09T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35798
published_at	2026-04-11T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35754
published_at	2026-04-12T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35731
published_at	2026-04-13T12:55:00Z

value	0.00151
scoring_system	epss
scoring_elements	0.35772
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2022-29536

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29536
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29536

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009959
reference_id	1009959
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009959

reference_url

https://security.archlinux.org/AVG-2684

reference_id

AVG-2684

reference_type

scores

value	High
scoring_system	archlinux
scoring_elements

url

https://security.archlinux.org/AVG-2684

reference_url	https://security.gentoo.org/glsa/202405-27
reference_id	GLSA-202405-27
reference_type
scores
url	https://security.gentoo.org/glsa/202405-27

reference_url	https://usn.ubuntu.com/5561-1/
reference_id	USN-5561-1
reference_type
scores
url	https://usn.ubuntu.com/5561-1/

fixed_packages

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@42.2-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@42.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@42.2-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2022-29536

risk_score 4.0

exploitability 0.5

weighted_severity 8.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drpr-qvbq-c7ep

url VCID-dy4t-8mzp-k3h9

vulnerability_id VCID-dy4t-8mzp-k3h9

summary

An untrusted search path vulnerability in Epiphany might result in the
    execution of arbitrary code.

references

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2008-5985

reference_id

reference_type

scores

value	0.00068
scoring_system	epss
scoring_elements	0.20802
published_at	2026-04-18T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20837
published_at	2026-04-01T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20987
published_at	2026-04-02T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.21045
published_at	2026-04-04T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20759
published_at	2026-04-07T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20838
published_at	2026-04-08T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20899
published_at	2026-04-09T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20915
published_at	2026-04-11T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20871
published_at	2026-04-12T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.20819
published_at	2026-04-13T12:55:00Z

value	0.00068
scoring_system	epss
scoring_elements	0.2081
published_at	2026-04-16T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2008-5985

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=481548
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=481548

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5985
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5985

reference_url	http://secunia.com/advisories/34187
reference_id
reference_type
scores
url	http://secunia.com/advisories/34187

reference_url	http://www.gentoo.org/security/en/glsa/glsa-200903-16.xml
reference_id
reference_type
scores
url	http://www.gentoo.org/security/en/glsa/glsa-200903-16.xml

reference_url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:048
reference_id
reference_type
scores
url	http://www.mandriva.com/security/advisories?name=MDVSA-2009:048

reference_url	http://www.openwall.com/lists/oss-security/2009/01/26/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2009/01/26/2

reference_url	http://www.securityfocus.com/bid/33441
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/33441

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363
reference_id	504363
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany:2.22.3:::::::*
reference_id	cpe:2.3:a:gnome:epiphany:2.22.3:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany:2.22.3:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2008-5985

reference_id

CVE-2008-5985

reference_type

scores

value	6.9
scoring_system	cvssv2
scoring_elements	AV:L/AC:M/Au:N/C:C/I:C/A:C

url

https://nvd.nist.gov/vuln/detail/CVE-2008-5985

reference_url	https://security.gentoo.org/glsa/200903-16
reference_id	GLSA-200903-16
reference_type
scores
url	https://security.gentoo.org/glsa/200903-16

fixed_packages

url	pkg:deb/debian/epiphany-browser@2.22.3-7?distro=trixie
purl	pkg:deb/debian/epiphany-browser@2.22.3-7?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@2.22.3-7%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2008-5985

risk_score 3.1

exploitability 0.5

weighted_severity 6.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dy4t-8mzp-k3h9

url VCID-fw5u-mcy4-1uaz

vulnerability_id VCID-fw5u-mcy4-1uaz

summary ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.

references

reference_url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00043.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00043.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-11396

reference_id

reference_type

scores

value	0.00685
scoring_system	epss
scoring_elements	0.71714
published_at	2026-04-18T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71708
published_at	2026-04-16T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71627
published_at	2026-04-01T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71634
published_at	2026-04-02T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71652
published_at	2026-04-04T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71625
published_at	2026-04-07T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71665
published_at	2026-04-08T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71675
published_at	2026-04-09T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71699
published_at	2026-04-11T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71683
published_at	2026-04-12T12:55:00Z

value	0.00685
scoring_system	epss
scoring_elements	0.71664
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-11396

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=795740
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=795740

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11396
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11396

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899409
reference_id	899409
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899409

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany::::::::
reference_id	cpe:2.3:a:gnome:epiphany::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-11396

reference_id

CVE-2018-11396

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-11396

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.28.2.1-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.28.2.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.28.2.1-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2018-11396

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fw5u-mcy4-1uaz

url VCID-h8vr-29am-jueb

vulnerability_id VCID-h8vr-29am-jueb

summary Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.

references

reference_url	http://blog.fefe.de/?ts=b26ca29d
reference_id
reference_type
scores
url	http://blog.fefe.de/?ts=b26ca29d

reference_url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690
reference_id
reference_type
scores
url	http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690

reference_url	http://bugzilla-attachments.gnome.org/attachment.cgi?id=154330
reference_id
reference_type
scores
url	http://bugzilla-attachments.gnome.org/attachment.cgi?id=154330

reference_url	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2010-12/msg00000.html

reference_url	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html
reference_id
reference_type
scores
url	http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2010-3312

reference_id

reference_type

scores

value	0.00533
scoring_system	epss
scoring_elements	0.67354
published_at	2026-04-16T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67245
published_at	2026-04-01T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67281
published_at	2026-04-02T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67304
published_at	2026-04-04T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67282
published_at	2026-04-07T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67333
published_at	2026-04-08T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67347
published_at	2026-04-09T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67367
published_at	2026-04-18T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67355
published_at	2026-04-12T12:55:00Z

value	0.00533
scoring_system	epss
scoring_elements	0.67319
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2010-3312

reference_url	https://bugzilla.gnome.org/show_bug.cgi?id=600663
reference_id
reference_type
scores
url	https://bugzilla.gnome.org/show_bug.cgi?id=600663

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3312
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3312

reference_url	http://secunia.com/advisories/43068
reference_id
reference_type
scores
url	http://secunia.com/advisories/43068

reference_url	http://www.openwall.com/lists/oss-security/2010/09/17/10
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/17/10

reference_url	http://www.openwall.com/lists/oss-security/2010/09/17/12
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/17/12

reference_url	http://www.openwall.com/lists/oss-security/2010/09/17/13
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/17/13

reference_url	http://www.openwall.com/lists/oss-security/2010/09/17/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/17/5

reference_url	http://www.openwall.com/lists/oss-security/2010/09/17/6
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/17/6

reference_url	http://www.openwall.com/lists/oss-security/2010/09/20/2
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/20/2

reference_url	http://www.openwall.com/lists/oss-security/2010/09/21/5
reference_id
reference_type
scores
url	http://www.openwall.com/lists/oss-security/2010/09/21/5

reference_url	http://www.vupen.com/english/advisories/2011/0212
reference_id
reference_type
scores
url	http://www.vupen.com/english/advisories/2011/0212

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690
reference_id	564690
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany:2.28:::::::*
reference_id	cpe:2.3:a:gnome:epiphany:2.28:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany:2.28:::::::*

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany:2.29:::::::*
reference_id	cpe:2.3:a:gnome:epiphany:2.29:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany:2.29:::::::*

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2010-3312

reference_id

CVE-2010-3312

reference_type

scores

value	5.8
scoring_system	cvssv2
scoring_elements	AV:N/AC:M/Au:N/C:P/I:P/A:N

url

https://nvd.nist.gov/vuln/detail/CVE-2010-3312

fixed_packages

url	pkg:deb/debian/epiphany-browser@2.29.91-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@2.29.91-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@2.29.91-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2010-3312

risk_score 2.6

exploitability 0.5

weighted_severity 5.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h8vr-29am-jueb

url VCID-hk4w-wqwm-b7dx

vulnerability_id VCID-hk4w-wqwm-b7dx

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-45086

reference_id

reference_type

scores

value	0.00212
scoring_system	epss
scoring_elements	0.43693
published_at	2026-04-01T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43749
published_at	2026-04-02T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43773
published_at	2026-04-04T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43707
published_at	2026-04-07T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43757
published_at	2026-04-08T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.4376
published_at	2026-04-09T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.4378
published_at	2026-04-11T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43748
published_at	2026-04-12T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43732
published_at	2026-04-13T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43793
published_at	2026-04-16T12:55:00Z

value	0.00212
scoring_system	epss
scoring_elements	0.43784
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-45086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088

reference_url	https://usn.ubuntu.com/5561-1/
reference_id	USN-5561-1
reference_type
scores
url	https://usn.ubuntu.com/5561-1/

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2021-45086

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hk4w-wqwm-b7dx

url VCID-kr9h-du4n-zbck

vulnerability_id VCID-kr9h-du4n-zbck

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-45087

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52171
published_at	2026-04-01T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52214
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52242
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52206
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52259
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52254
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52305
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52289
published_at	2026-04-12T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52275
published_at	2026-04-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52313
published_at	2026-04-16T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52316
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-45087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088

reference_url	https://usn.ubuntu.com/5561-1/
reference_id	USN-5561-1
reference_type
scores
url	https://usn.ubuntu.com/5561-1/

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2021-45087

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kr9h-du4n-zbck

url VCID-qu2d-vqp3-w3e3

vulnerability_id VCID-qu2d-vqp3-w3e3

summary A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this action, resulting in potential code execution on the client device via trusted UI behavior.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2025-3839

reference_id

reference_type

scores

value	0.00018
scoring_system	epss
scoring_elements	0.04399
published_at	2026-04-18T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04377
published_at	2026-04-02T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.0444
published_at	2026-04-12T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04423
published_at	2026-04-13T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04391
published_at	2026-04-16T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04401
published_at	2026-04-04T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04411
published_at	2026-04-07T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04445
published_at	2026-04-08T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04463
published_at	2026-04-09T12:55:00Z

value	0.00018
scoring_system	epss
scoring_elements	0.04455
published_at	2026-04-11T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2025-3839

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3839
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3839

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url

https://access.redhat.com/security/cve/CVE-2025-3839

reference_id

CVE-2025-3839

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-23T18:54:33Z/

url

https://access.redhat.com/security/cve/CVE-2025-3839

reference_url

https://bugzilla.redhat.com/show_bug.cgi?id=2361430

reference_id

show_bug.cgi?id=2361430

reference_type

scores

value	8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-23T18:54:33Z/

url

https://bugzilla.redhat.com/show_bug.cgi?id=2361430

fixed_packages

url	pkg:deb/debian/epiphany-browser@48.1-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2025-3839

risk_score 3.6

exploitability 0.5

weighted_severity 7.2

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qu2d-vqp3-w3e3

url VCID-t8h7-hah9-bkaw

vulnerability_id VCID-t8h7-hah9-bkaw

summary gvdb: use after free issue was fixed in gvdb_table_write_contents_async()

references

reference_url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25085.json

reference_id

reference_type

scores

value	8.8
scoring_system	cvssv3
scoring_elements	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25085.json

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2019-25085

reference_id

reference_type

scores

value	0.00538
scoring_system	epss
scoring_elements	0.67476
published_at	2026-04-01T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67512
published_at	2026-04-02T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67533
published_at	2026-04-04T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67511
published_at	2026-04-07T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67563
published_at	2026-04-08T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67577
published_at	2026-04-09T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67599
published_at	2026-04-11T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67586
published_at	2026-04-12T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67553
published_at	2026-04-13T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.67588
published_at	2026-04-16T12:55:00Z

value	0.00538
scoring_system	epss
scoring_elements	0.676
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2019-25085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25085

reference_url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_id

reference_type

scores

value	7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

url

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=2156440
reference_id	2156440
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=2156440

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.34.1-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.34.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.34.1-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2019-25085

risk_score 4.0

exploitability 0.5

weighted_severity 7.9

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t8h7-hah9-bkaw

url VCID-u2z3-9rm9-suda

vulnerability_id VCID-u2z3-9rm9-suda

summary GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000025

reference_id

reference_type

scores

value	0.00498
scoring_system	epss
scoring_elements	0.65798
published_at	2026-04-01T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65847
published_at	2026-04-02T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65878
published_at	2026-04-04T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65843
published_at	2026-04-07T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65895
published_at	2026-04-08T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65906
published_at	2026-04-09T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65924
published_at	2026-04-11T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65912
published_at	2026-04-12T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65882
published_at	2026-04-13T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65917
published_at	2026-04-16T12:55:00Z

value	0.00498
scoring_system	epss
scoring_elements	0.65932
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2017-1000025

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000025
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000025

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.22.6-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.22.6-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.22.6-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2017-1000025

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u2z3-9rm9-suda

url VCID-v1k1-swqj-akcj

vulnerability_id VCID-v1k1-swqj-akcj

summary security update

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2021-45088

reference_id

reference_type

scores

value	0.00288
scoring_system	epss
scoring_elements	0.52171
published_at	2026-04-01T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52214
published_at	2026-04-02T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52242
published_at	2026-04-04T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52206
published_at	2026-04-07T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52259
published_at	2026-04-08T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52254
published_at	2026-04-09T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52305
published_at	2026-04-11T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52289
published_at	2026-04-12T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52275
published_at	2026-04-13T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52313
published_at	2026-04-16T12:55:00Z

value	0.00288
scoring_system	epss
scoring_elements	0.52316
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2021-45088

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2021-45088

risk_score null

exploitability 0.5

weighted_severity 0.0

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1k1-swqj-akcj

url VCID-wruk-nknh-2fh4

vulnerability_id VCID-wruk-nknh-2fh4

summary libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2018-12016

reference_id

reference_type

scores

value	0.00894
scoring_system	epss
scoring_elements	0.75627
published_at	2026-04-18T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75623
published_at	2026-04-16T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75522
published_at	2026-04-01T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75524
published_at	2026-04-02T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75554
published_at	2026-04-04T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75534
published_at	2026-04-07T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75576
published_at	2026-04-08T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75587
published_at	2026-04-09T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75612
published_at	2026-04-11T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75593
published_at	2026-04-12T12:55:00Z

value	0.00894
scoring_system	epss
scoring_elements	0.75586
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2018-12016

reference_url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12016
reference_id
reference_type
scores
url	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12016

reference_url	https://github.com/ldpreload/Disclosure/blob/master/EpiphanyDoS.txt
reference_id
reference_type
scores
url	https://github.com/ldpreload/Disclosure/blob/master/EpiphanyDoS.txt

reference_url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901018
reference_id	901018
reference_type
scores
url	https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901018

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany::::::::
reference_id	cpe:2.3:a:gnome:epiphany::::::::
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:gnome:epiphany::::::::

reference_url

https://nvd.nist.gov/vuln/detail/CVE-2018-12016

reference_id

CVE-2018-12016

reference_type

scores

value	5.0
scoring_system	cvssv2
scoring_elements	AV:N/AC:L/Au:N/C:N/I:N/A:P

value	7.5
scoring_system	cvssv3
scoring_elements	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

url

https://nvd.nist.gov/vuln/detail/CVE-2018-12016

fixed_packages

url	pkg:deb/debian/epiphany-browser@3.28.3.1-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@3.28.3.1-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.28.3.1-1%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

purl pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-bpgn-654d-5kh6

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie

url pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

purl pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-qu2d-vqp3-w3e3

resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
purl	pkg:deb/debian/epiphany-browser@49.2-3?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@49.2-3%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-1?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-1%3Fdistro=trixie

url	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
purl	pkg:deb/debian/epiphany-browser@50.3-2?distro=trixie
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

aliases CVE-2018-12016

risk_score 3.4

exploitability 0.5

weighted_severity 6.8

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wruk-nknh-2fh4

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.3-2%3Fdistro=trixie

Package Instance