Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/epiphany-browser@1.4.8-3
purl pkg:deb/debian/epiphany-browser@1.4.8-3
Next non-vulnerable version 48.5-0+deb13u1
Latest non-vulnerable version 48.5-0+deb13u1
Risk 4.0
Vulnerabilities affecting this package (11)
Vulnerability Summary Fixed by
VCID-4ayz-e7qd-q3hv
Aliases:
CVE-2021-45085
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-drpr-qvbq-c7ep
Aliases:
CVE-2022-29536
A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-dy4t-8mzp-k3h9
Aliases:
CVE-2008-5985
An untrusted search path vulnerability in Epiphany might result in the execution of arbitrary code.
2.22.3-9
Affected by 10 other vulnerabilities.
VCID-fw5u-mcy4-1uaz
Aliases:
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
3.32.1.2-3~deb10u1
Affected by 6 other vulnerabilities.
VCID-h8vr-29am-jueb
Aliases:
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
2.30.6-1
Affected by 9 other vulnerabilities.
VCID-hk4w-wqwm-b7dx
Aliases:
CVE-2021-45086
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-kr9h-du4n-zbck
Aliases:
CVE-2021-45087
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-t8h7-hah9-bkaw
Aliases:
CVE-2019-25085
gvdb: use after free issue was fixed in gvdb_table_write_contents_async()
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-u2z3-9rm9-suda
Aliases:
CVE-2017-1000025
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
3.22.7-1
Affected by 8 other vulnerabilities.
VCID-v1k1-swqj-akcj
Aliases:
CVE-2021-45088
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-wruk-nknh-2fh4
Aliases:
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
3.32.1.2-3~deb10u1
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T22:36:50.037226+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:58:09.843175+00:00 Debian Oval Importer Affected by VCID-dy4t-8mzp-k3h9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:31:13.343505+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:16:46.731976+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:10:52.784648+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:55:04.454756+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:51:42.417403+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:00:07.234796+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:49:17.302158+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:00:09.904455+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:36:57.890362+00:00 Debian Oval Importer Affected by VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T22:13:39.140114+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:38:30.722906+00:00 Debian Oval Importer Affected by VCID-dy4t-8mzp-k3h9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:12:34.859741+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:12.795957+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:54:31.687647+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:41:00.234450+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:37:40.601024+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:46:43.338915+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:36:05.060294+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:47:44.163106+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:24:53.288013+00:00 Debian Oval Importer Affected by VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T21:50:02.358229+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:18:34.303893+00:00 Debian Oval Importer Affected by VCID-dy4t-8mzp-k3h9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:53:46.192988+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:44:43.812512+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:39:13.255703+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:28:19.098901+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:25:08.079548+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:37:01.052155+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:26:54.525340+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:41:19.163983+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:19:22.608209+00:00 Debian Oval Importer Affected by VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0