Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/epiphany-browser@2.30.6-1
purl pkg:deb/debian/epiphany-browser@2.30.6-1
Next non-vulnerable version 48.5-0+deb13u1
Latest non-vulnerable version 48.5-0+deb13u1
Risk 4.0
Vulnerabilities affecting this package (9)
Vulnerability Summary Fixed by
VCID-4ayz-e7qd-q3hv
Aliases:
CVE-2021-45085
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-drpr-qvbq-c7ep
Aliases:
CVE-2022-29536
A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-fw5u-mcy4-1uaz
Aliases:
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
3.32.1.2-3~deb10u1
Affected by 6 other vulnerabilities.
VCID-hk4w-wqwm-b7dx
Aliases:
CVE-2021-45086
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-kr9h-du4n-zbck
Aliases:
CVE-2021-45087
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-t8h7-hah9-bkaw
Aliases:
CVE-2019-25085
gvdb: use after free issue was fixed in gvdb_table_write_contents_async()
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-u2z3-9rm9-suda
Aliases:
CVE-2017-1000025
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
3.22.7-1
Affected by 8 other vulnerabilities.
VCID-v1k1-swqj-akcj
Aliases:
CVE-2021-45088
security update
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-wruk-nknh-2fh4
Aliases:
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
3.32.1.2-3~deb10u1
Affected by 6 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-h8vr-29am-jueb Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate. CVE-2010-3312

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T22:36:50.051554+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:31:13.357179+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:16:46.745881+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:10:52.799804+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:55:04.469481+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:51:42.432282+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T17:00:07.248608+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:49:17.315753+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:00:09.917813+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:36:57.904126+00:00 Debian Oval Importer Fixing VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T22:13:39.154284+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:12:34.876430+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T19:00:12.816241+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:54:31.702238+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:41:00.250508+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:37:40.617283+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:46:43.354282+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T16:36:05.077626+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:47:44.182600+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:24:53.304338+00:00 Debian Oval Importer Fixing VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T21:50:02.375905+00:00 Debian Oval Importer Affected by VCID-drpr-qvbq-c7ep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T19:53:46.211233+00:00 Debian Oval Importer Affected by VCID-wruk-nknh-2fh4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:44:43.829420+00:00 Debian Oval Importer Affected by VCID-v1k1-swqj-akcj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:39:13.272896+00:00 Debian Oval Importer Affected by VCID-u2z3-9rm9-suda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:28:19.120850+00:00 Debian Oval Importer Affected by VCID-t8h7-hah9-bkaw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:25:08.100205+00:00 Debian Oval Importer Affected by VCID-4ayz-e7qd-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:37:01.071180+00:00 Debian Oval Importer Affected by VCID-kr9h-du4n-zbck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T16:26:54.543631+00:00 Debian Oval Importer Affected by VCID-hk4w-wqwm-b7dx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:41:19.182140+00:00 Debian Oval Importer Affected by VCID-fw5u-mcy4-1uaz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:19:22.632240+00:00 Debian Oval Importer Fixing VCID-h8vr-29am-jueb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0