CVE-2018-12016 — Epiphany vulnerability

7 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.9%
top 24.38%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Gnome Epiphany
Timeline
PublishedJun 7
Latest updateMay 13

Description

libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6

Affected Packages1 packages

â–¶NVDgnome/epiphany3.28.2.1

🔴Vulnerability Details

3
GHSA
GHSA-5fwp-wgrw-hj8x: libephymain↗2022-05-13
â–¶
OSV
CVE-2018-12016: libephymain↗2018-06-07
â–¶
CVEList
CVE-2018-12016: libephymain↗2018-06-07
â–¶

📋Vendor Advisories

1
Debian
CVE-2018-12016: epiphany-browser - libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attack...↗2018
â–¶

💬Community

2
Bugzilla
CVE-2018-12016 epiphany: Denial of service via window.open and document.write calls↗2018-06-07
â–¶
Bugzilla
CVE-2018-12016 epiphany: Denial of service via window.open and document.write calls [fedora-all]↗2018-06-07
â–¶
CVE-2018-12016 — Gnome Epiphany vulnerability | cvebase