Search for packages
Package details: pkg:deb/debian/epiphany-browser@3.22.7-1
purl pkg:deb/debian/epiphany-browser@3.22.7-1
Next non-vulnerable version 48.3-2
Latest non-vulnerable version 48.3-2
Risk 4.0
Vulnerabilities affecting this package (9)
Vulnerability Summary Fixed by
VCID-869c-shsa-aaad
Aliases:
CVE-2018-12016
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
3.32.1.2-3~deb10u1
Affected by 7 other vulnerabilities.
VCID-gex6-76gc-aaag
Aliases:
CVE-2018-11396
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
3.32.1.2-3~deb10u1
Affected by 7 other vulnerabilities.
VCID-hg6a-nnf7-aaan
Aliases:
CVE-2021-45087
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-kr21-knq3-aaaf
Aliases:
CVE-2019-25085
A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely. The name of the patch is d83587b2a364eb9a9a53be7e6a708074e252de14. It is recommended to apply a patch to fix this issue. The identifier VDB-216789 was assigned to this vulnerability.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-qccg-re6f-aaaf
Aliases:
CVE-2022-29536
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-v3v3-16gd-aaas
Aliases:
CVE-2023-26081
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
43.1-1
Affected by 1 other vulnerability.
VCID-wdyq-k3mq-aaah
Aliases:
CVE-2021-45086
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-xmbp-1n9r-aaab
Aliases:
CVE-2021-45088
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
VCID-zk2g-37wy-aaah
Aliases:
CVE-2021-45085
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.
3.38.2-1+deb11u3
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (1)
Vulnerability Summary Aliases
VCID-2316-kp7u-aaag GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites. CVE-2017-1000025

Date Actor Action Vulnerability Source VulnerableCode Version
2025-06-22T11:51:43.933088+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 36.1.3
2025-06-22T05:36:24.065039+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 36.1.3
2025-06-21T23:54:04.181870+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 36.1.3
2025-06-21T19:13:55.486545+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T19:06:46.928308+00:00 Debian Oval Importer Affected by VCID-wdyq-k3mq-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T18:35:10.235614+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.3
2025-06-21T17:49:35.715885+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T17:00:28.661198+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:28:53.903433+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T16:21:30.976663+00:00 Debian Oval Importer Affected by VCID-v3v3-16gd-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:41:57.915748+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T15:02:11.924015+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:43:15.175073+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T11:30:04.559532+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.3
2025-06-21T08:13:10.870856+00:00 Debian Oval Importer Affected by VCID-v3v3-16gd-aaas None 36.1.3
2025-06-21T07:03:12.766300+00:00 Debian Oval Importer Affected by VCID-kr21-knq3-aaaf None 36.1.3
2025-06-21T04:42:58.768317+00:00 Debian Oval Importer Affected by VCID-wdyq-k3mq-aaah None 36.1.3
2025-06-21T03:14:48.963326+00:00 Debian Importer Affected by VCID-gex6-76gc-aaag None 36.1.3
2025-06-21T00:53:33.135001+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag None 36.1.3
2025-06-21T00:34:17.829937+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag None 36.1.3
2025-06-21T00:32:42.988793+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah None 36.1.3
2025-06-21T00:22:02.787212+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan None 36.1.3
2025-06-20T21:54:28.861068+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf None 36.1.3
2025-06-20T21:33:18.672587+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad None 36.1.3
2025-06-20T20:43:48.624096+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab None 36.1.3
2025-06-08T13:08:06.916983+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T13:04:22.371989+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:17:35.050776+00:00 Debian Oval Importer Affected by VCID-kr21-knq3-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T12:15:28.870053+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:42:44.012083+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:35:52.369005+00:00 Debian Oval Importer Affected by VCID-wdyq-k3mq-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T11:05:32.096504+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.1.0
2025-06-08T10:22:32.072800+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:45:31.750605+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:14:46.569889+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T09:07:40.503327+00:00 Debian Oval Importer Affected by VCID-v3v3-16gd-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T08:36:04.920870+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T07:55:34.027064+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:59:01.469844+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T04:50:34.283544+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.1.0
2025-06-08T01:54:28.858102+00:00 Debian Oval Importer Affected by VCID-v3v3-16gd-aaas None 36.1.0
2025-06-08T00:42:56.926287+00:00 Debian Oval Importer Affected by VCID-kr21-knq3-aaaf None 36.1.0
2025-06-07T22:19:54.957669+00:00 Debian Oval Importer Affected by VCID-wdyq-k3mq-aaah None 36.1.0
2025-06-07T18:15:54.592273+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag None 36.1.0
2025-06-07T17:56:55.870095+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag None 36.1.0
2025-06-07T17:55:21.522464+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah None 36.1.0
2025-06-07T17:44:56.281442+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan None 36.1.0
2025-06-07T15:17:51.939985+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf None 36.1.0
2025-06-07T14:55:52.216273+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad None 36.1.0
2025-06-07T14:15:41.739537+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab None 36.1.0
2025-04-12T21:03:25.720068+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T19:43:27.575209+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:55:44.957637+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:51:51.940385+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:03:24.555220+00:00 Debian Oval Importer Affected by VCID-kr21-knq3-aaaf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T18:01:13.372897+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:27:32.144069+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T17:20:22.895140+00:00 Debian Oval Importer Affected by VCID-wdyq-k3mq-aaah https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:48:50.803903+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 36.0.0
2025-04-12T16:03:32.800857+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T08:17:51.575644+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:46:46.112332+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:39:29.248407+00:00 Debian Oval Importer Affected by VCID-v3v3-16gd-aaas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T07:07:31.684263+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T06:28:00.391525+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:30:00.600140+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T03:21:43.103842+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 36.0.0
2025-04-08T00:26:07.403860+00:00 Debian Oval Importer Affected by VCID-v3v3-16gd-aaas None 36.0.0
2025-04-07T23:15:14.382133+00:00 Debian Oval Importer Affected by VCID-kr21-knq3-aaaf None 36.0.0
2025-04-07T20:51:26.702142+00:00 Debian Oval Importer Affected by VCID-wdyq-k3mq-aaah None 36.0.0
2025-04-07T16:53:22.957508+00:00 Debian Oval Importer Fixing VCID-2316-kp7u-aaag None 36.0.0
2025-04-07T16:33:48.229596+00:00 Debian Oval Importer Affected by VCID-gex6-76gc-aaag None 36.0.0
2025-04-07T16:32:10.096572+00:00 Debian Oval Importer Affected by VCID-zk2g-37wy-aaah None 36.0.0
2025-04-07T16:21:08.397723+00:00 Debian Oval Importer Affected by VCID-hg6a-nnf7-aaan None 36.0.0
2025-04-07T13:49:21.470179+00:00 Debian Oval Importer Affected by VCID-qccg-re6f-aaaf None 36.0.0
2025-04-07T13:27:50.284655+00:00 Debian Oval Importer Affected by VCID-869c-shsa-aaad None 36.0.0
2025-04-07T12:48:39.140257+00:00 Debian Oval Importer Affected by VCID-xmbp-1n9r-aaab None 36.0.0
2025-04-07T06:47:41.015574+00:00 Debian Importer Affected by VCID-869c-shsa-aaad None 36.0.0
2025-04-06T21:36:59.985951+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 36.0.0
2025-04-06T05:07:38.488839+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 36.0.0
2025-04-05T23:27:55.382480+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 36.0.0
2025-04-05T19:16:32.599813+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 36.0.0
2025-04-04T06:02:30.330398+00:00 Debian Importer Affected by VCID-gex6-76gc-aaag None 36.0.0
2025-02-20T07:55:23.955053+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 35.1.0
2025-02-20T07:55:22.051878+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 35.1.0
2025-02-20T07:55:17.794586+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 35.1.0
2025-02-20T07:55:11.803576+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 35.1.0
2025-02-19T00:58:48.668139+00:00 Debian Importer Affected by VCID-869c-shsa-aaad None 35.1.0
2025-02-19T00:49:28.972438+00:00 Debian Importer Affected by VCID-gex6-76gc-aaag None 35.1.0
2024-11-23T01:23:46.595301+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 35.0.0
2024-11-23T01:23:44.692124+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 35.0.0
2024-11-23T01:23:40.429667+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 35.0.0
2024-11-23T01:23:34.392189+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 35.0.0
2024-10-09T23:54:19.004638+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 34.0.2
2024-10-09T23:54:17.082857+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 34.0.2
2024-10-09T23:54:12.842270+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 34.0.2
2024-10-09T23:54:06.717935+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 34.0.2
2024-09-19T07:29:28.800920+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 34.0.1
2024-09-19T07:29:26.942394+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 34.0.1
2024-09-19T07:29:22.754049+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 34.0.1
2024-09-19T07:29:16.913439+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 34.0.1
2024-04-25T05:57:46.548264+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 34.0.0rc4
2024-04-25T05:57:44.614677+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 34.0.0rc4
2024-04-25T05:57:40.508391+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 34.0.0rc4
2024-04-25T05:57:34.642203+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 34.0.0rc4
2024-04-24T12:14:44.106527+00:00 Debian Importer Affected by VCID-869c-shsa-aaad None 34.0.0rc4
2024-04-24T12:13:05.220131+00:00 Debian Importer Affected by VCID-gex6-76gc-aaag None 34.0.0rc4
2024-01-11T07:58:48.864270+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 34.0.0rc2
2024-01-11T07:58:46.646387+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 34.0.0rc2
2024-01-11T07:58:42.434245+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 34.0.0rc2
2024-01-11T07:58:36.123265+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 34.0.0rc2
2024-01-10T14:08:50.332004+00:00 Debian Importer Affected by VCID-869c-shsa-aaad None 34.0.0rc2
2024-01-10T14:06:19.941262+00:00 Debian Importer Affected by VCID-gex6-76gc-aaag None 34.0.0rc2
2024-01-04T18:24:44.368712+00:00 Debian Importer Affected by VCID-xmbp-1n9r-aaab None 34.0.0rc1
2024-01-04T18:24:42.589969+00:00 Debian Importer Affected by VCID-hg6a-nnf7-aaan None 34.0.0rc1
2024-01-04T18:24:38.786554+00:00 Debian Importer Affected by VCID-wdyq-k3mq-aaah None 34.0.0rc1
2024-01-04T18:24:33.225806+00:00 Debian Importer Affected by VCID-zk2g-37wy-aaah None 34.0.0rc1
2024-01-04T05:12:21.994549+00:00 Debian Importer Affected by VCID-869c-shsa-aaad None 34.0.0rc1
2024-01-04T05:10:54.207103+00:00 Debian Importer Affected by VCID-gex6-76gc-aaag None 34.0.0rc1