Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/epiphany-browser@2.14.3-6
purl pkg:deb/debian/epiphany-browser@2.14.3-6
Next non-vulnerable version 48.5-0+deb13u1
Latest non-vulnerable version 48.5-0+deb13u1
Risk 4.0
Vulnerabilities affecting this package (11)
Vulnerability Summary Fixed by
VCID-4ayz-e7qd-q3hv
Aliases:
CVE-2021-45085
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-drpr-qvbq-c7ep
Aliases:
CVE-2022-29536
A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-dy4t-8mzp-k3h9
Aliases:
CVE-2008-5985
An untrusted search path vulnerability in Epiphany might result in the execution of arbitrary code.
2.22.3-9
Affected by 10 other vulnerabilities.
VCID-fw5u-mcy4-1uaz
Aliases:
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
3.32.1.2-3~deb10u1
Affected by 6 other vulnerabilities.
VCID-h8vr-29am-jueb
Aliases:
CVE-2010-3312
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
2.30.6-1
Affected by 9 other vulnerabilities.
VCID-hk4w-wqwm-b7dx
Aliases:
CVE-2021-45086
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-kr9h-du4n-zbck
Aliases:
CVE-2021-45087
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-t8h7-hah9-bkaw
Aliases:
CVE-2019-25085
gvdb: use after free issue was fixed in gvdb_table_write_contents_async()
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-u2z3-9rm9-suda
Aliases:
CVE-2017-1000025
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
3.22.7-1
Affected by 8 other vulnerabilities.
VCID-v1k1-swqj-akcj
Aliases:
CVE-2021-45088
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-wruk-nknh-2fh4
Aliases:
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
3.32.1.2-3~deb10u1
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (0)
Vulnerability Summary Aliases
This package is not known to fix vulnerabilities.

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T22:36:50.040982+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:58:09.846707+00:00 Debian Oval Importer Affected by VCID-dy4t-8mzp-k3h9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:31:13.346980+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:16:46.735533+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:10:52.788455+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:55:04.458443+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:51:42.421038+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:00:07.238304+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:49:17.305525+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:00:09.907780+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:36:57.893855+00:00 Debian Oval Importer Affected by VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T22:13:39.143542+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:38:30.727176+00:00 Debian Oval Importer Affected by VCID-dy4t-8mzp-k3h9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:12:34.863943+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:12.802102+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:54:31.691324+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:41:00.238523+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:37:40.605003+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:46:43.342704+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:36:05.064428+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:47:44.169280+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:24:53.292193+00:00 Debian Oval Importer Affected by VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T21:50:02.362713+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:18:34.308559+00:00 Debian Oval Importer Affected by VCID-dy4t-8mzp-k3h9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:53:46.197510+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:44:43.816753+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:39:13.260014+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:28:19.105316+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:25:08.085284+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:37:01.056913+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:26:54.530918+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:41:19.168454+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:19:22.613650+00:00 Debian Oval Importer Affected by VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0