{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","type":"deb","namespace":"debian","name":"epiphany-browser","version":"43.1-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"48.1-1","latest_non_vulnerable_version":"50.4-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/24209?format=json","vulnerability_id":"VCID-dm4u-nxkf-e3dx","summary":"","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3839","reference_id":"","reference_type":"","scores":[{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.0529","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-3839"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3839","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-3839"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-3839","reference_id":"CVE-2025-3839","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-23T18:54:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-3839"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361430","reference_id":"show_bug.cgi?id=2361430","reference_type":"","scores":[{"value":"8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-01-23T18:54:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2361430"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38998?format=json","purl":"pkg:deb/debian/epiphany-browser@48.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2025-3839"],"risk_score":3.6,"exploitability":"0.5","weighted_severity":"7.2","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-dm4u-nxkf-e3dx"}],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/199983?format=json","vulnerability_id":"VCID-5bqr-jvxt-v3hd","summary":"The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0238","reference_id":"","reference_type":"","scores":[{"value":"0.00748","scoring_system":"epss","scoring_elements":"0.73545","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2005-0238"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0238","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0238"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38973?format=json","purl":"pkg:deb/debian/epiphany-browser@1.4.8-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@1.4.8-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2005-0238"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5bqr-jvxt-v3hd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/6908?format=json","vulnerability_id":"VCID-6bfy-ztkb-6qhx","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25085.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-25085.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2019-25085","reference_id":"","reference_type":"","scores":[{"value":"0.00538","scoring_system":"epss","scoring_elements":"0.67995","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2019-25085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-25085"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156440","reference_id":"2156440","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2156440"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38983?format=json","purl":"pkg:deb/debian/epiphany-browser@3.34.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.34.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2019-25085"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6bfy-ztkb-6qhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205893?format=json","vulnerability_id":"VCID-7pev-xkcj-8qcu","summary":"libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12016","reference_id":"","reference_type":"","scores":[{"value":"0.00894","scoring_system":"epss","scoring_elements":"0.76035","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-12016"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12016","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12016"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901018","reference_id":"901018","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901018"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38981?format=json","purl":"pkg:deb/debian/epiphany-browser@3.28.3.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.28.3.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2018-12016"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7pev-xkcj-8qcu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/135933?format=json","vulnerability_id":"VCID-8dec-2kb4-tudy","summary":"In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26081","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38868","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-26081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26081"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031727","reference_id":"1031727","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1031727"},{"reference_url":"https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275","reference_id":"1275","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/"}],"url":"https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275"},{"reference_url":"https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x","reference_id":"GHSA-mhhf-w9xw-pp9x","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/"}],"url":"https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9x"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/","reference_id":"IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html","reference_id":"msg00015.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/","reference_id":"SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:Y/T:P/P:M/B:A/M:M/D:T/2025-03-18T15:00:16Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2023-26081"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8dec-2kb4-tudy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208927?format=json","vulnerability_id":"VCID-bhhr-8rgp-kyaa","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45085","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52627","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088"},{"reference_url":"https://usn.ubuntu.com/5561-1/","reference_id":"USN-5561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5561-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38986?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38985?format=json","purl":"pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2021-45085"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bhhr-8rgp-kyaa"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/178213?format=json","vulnerability_id":"VCID-c5nw-v7fh-j7fx","summary":"An untrusted search path vulnerability in Epiphany might result in the\n    execution of arbitrary code.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5985","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21017","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2008-5985"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5985","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5985"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363","reference_id":"504363","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=504363"},{"reference_url":"https://security.gentoo.org/glsa/200903-16","reference_id":"GLSA-200903-16","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/200903-16"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38977?format=json","purl":"pkg:deb/debian/epiphany-browser@2.22.3-7?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@2.22.3-7%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2008-5985"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-c5nw-v7fh-j7fx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208930?format=json","vulnerability_id":"VCID-ctjw-r5ym-6fby","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45088","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52627","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45088"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38986?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38985?format=json","purl":"pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2021-45088"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ctjw-r5ym-6fby"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/177643?format=json","vulnerability_id":"VCID-hxut-5n36-eqe1","summary":"A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29536","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35453","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-29536"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29536","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29536"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009959","reference_id":"1009959","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1009959"},{"reference_url":"https://security.archlinux.org/AVG-2684","reference_id":"AVG-2684","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2684"},{"reference_url":"https://security.gentoo.org/glsa/202405-27","reference_id":"GLSA-202405-27","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202405-27"},{"reference_url":"https://usn.ubuntu.com/5561-1/","reference_id":"USN-5561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5561-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38994?format=json","purl":"pkg:deb/debian/epiphany-browser@42.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@42.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2022-29536"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxut-5n36-eqe1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208929?format=json","vulnerability_id":"VCID-jhyw-f8ng-kfg7","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45087","reference_id":"","reference_type":"","scores":[{"value":"0.00288","scoring_system":"epss","scoring_elements":"0.52627","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088"},{"reference_url":"https://usn.ubuntu.com/5561-1/","reference_id":"USN-5561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5561-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38986?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38985?format=json","purl":"pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2021-45087"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jhyw-f8ng-kfg7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/208928?format=json","vulnerability_id":"VCID-jvyn-46et-ayb1","summary":"security update","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45086","reference_id":"","reference_type":"","scores":[{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43817","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-45086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45085"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45086"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45087"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45088"},{"reference_url":"https://usn.ubuntu.com/5561-1/","reference_id":"USN-5561-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5561-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38986?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38985?format=json","purl":"pkg:deb/debian/epiphany-browser@41.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@41.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2021-45086"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jvyn-46et-ayb1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/205841?format=json","vulnerability_id":"VCID-kbqk-pthh-yfd6","summary":"ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11396","reference_id":"","reference_type":"","scores":[{"value":"0.00685","scoring_system":"epss","scoring_elements":"0.72163","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-11396"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11396","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11396"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899409","reference_id":"899409","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=899409"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38980?format=json","purl":"pkg:deb/debian/epiphany-browser@3.28.2.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.28.2.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2018-11396"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-kbqk-pthh-yfd6"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/204692?format=json","vulnerability_id":"VCID-nwr4-3g6x-xufq","summary":"GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000025","reference_id":"","reference_type":"","scores":[{"value":"0.00498","scoring_system":"epss","scoring_elements":"0.66326","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2017-1000025"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000025","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000025"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38979?format=json","purl":"pkg:deb/debian/epiphany-browser@3.22.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.22.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2017-1000025"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nwr4-3g6x-xufq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/201789?format=json","vulnerability_id":"VCID-swep-c79h-jkfx","summary":"Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3312","reference_id":"","reference_type":"","scores":[{"value":"0.00533","scoring_system":"epss","scoring_elements":"0.67767","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2010-3312"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3312","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3312"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690","reference_id":"564690","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=564690"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/38978?format=json","purl":"pkg:deb/debian/epiphany-browser@2.29.91-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@2.29.91-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38974?format=json","purl":"pkg:deb/debian/epiphany-browser@3.38.2-1%2Bdeb11u3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-8dec-2kb4-tudy"},{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@3.38.2-1%252Bdeb11u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38972?format=json","purl":"pkg:deb/debian/epiphany-browser@43.1-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-dm4u-nxkf-e3dx"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38976?format=json","purl":"pkg:deb/debian/epiphany-browser@48.5-0%2Bdeb13u1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@48.5-0%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/38975?format=json","purl":"pkg:deb/debian/epiphany-browser@50.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@50.4-1%3Fdistro=trixie"}],"aliases":["CVE-2010-3312"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-swep-c79h-jkfx"}],"risk_score":"3.6","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/epiphany-browser@43.1-1%3Fdistro=trixie"}