VulnerableCode Package Details - pkg:deb/ubuntu/epiphany-browser@3.28.5-0ubuntu1

Search for packages

Package details: pkg:deb/ubuntu/epiphany-browser@3.28.5-0ubuntu1

Essentials
History (0)

purl	pkg:deb/ubuntu/epiphany-browser@3.28.5-0ubuntu1

Next non-vulnerable version	3.28.6-0ubuntu1
Latest non-vulnerable version	3.28.6-0ubuntu1
Risk	3.4

Vulnerabilities affecting this package (1)

Vulnerability	Summary	Fixed by
VCID-2316-kp7u-aaag Aliases: CVE-2017-1000025	GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.	3.28.6-0ubuntu1 Affected by 0 other vulnerabilities.

Vulnerabilities fixed by this package (2)

Vulnerability	Summary	Aliases
VCID-869c-shsa-aaad	libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.	CVE-2018-12016
VCID-gex6-76gc-aaag	ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.	CVE-2018-11396

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version