CVE-2021-45088
published 2021-12-16CVE-2021-45088: XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
PriorityP423medium6.1CVSS 3.1
AVNACLPRNUIRSCCLILAN
EPSS
1.42%
69.4th percentile
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | epiphany-browser | < epiphany-browser 41.2-1 (bookworm) | epiphany-browser 41.2-1 (bookworm) |
| gnome | epiphany | < 40.4 | 40.4 |
| gnome | epiphany | >= 41.0 < 41.1 | 41.1 |
CVSS provenance
nvdv3.16.1MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
nvdv2.04.3MEDIUMAV:N/AC:M/Au:N/C:N/I:P/A:N
osv6.1MEDIUM
vendor_debian6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Debian
CVE-2021-45088: epiphany-browser - XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via a...
vendor_debian·2021·CVSS 6.1
CVE-2021-45088 [MEDIUM] CVE-2021-45088: epiphany-browser - XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via a...
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
Scope: local
bookworm: resolved (fixed in 41.2-1)
bullseye: resolved (fixed in 3.38.2-1+deb11u1)
forky: resolved (fixed in 41.2-1)
sid: resolved (fixed in 41.2-1)
trixie: resolved (fixed in 41.2-1)
GHSA
GHSA-w5vj-23fw-q536: XSS can occur in GNOME Web (aka Epiphany) before 40
ghsa_unreviewed·2021-12-17
CVE-2021-45088 [MEDIUM] CWE-79 GHSA-w5vj-23fw-q536: XSS can occur in GNOME Web (aka Epiphany) before 40
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
OSV
CVE-2021-45088: XSS can occur in GNOME Web (aka Epiphany) before 40
osv·2021-12-16·CVSS 6.1
CVE-2021-45088 [MEDIUM] CVE-2021-45088: XSS can occur in GNOME Web (aka Epiphany) before 40
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045https://lists.debian.org/debian-lts-announce/2022/08/msg00006.htmlhttps://www.debian.org/security/2022/dsa-5042https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045https://lists.debian.org/debian-lts-announce/2022/08/msg00006.htmlhttps://www.debian.org/security/2022/dsa-5042
2021-12-16
Published