CVE-2022-29536
published 2022-04-20CVE-2022-29536: In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long…
PriorityP339high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
EPSS
1.90%
77.0th percentile
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Affected
8 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | epiphany-browser | < epiphany-browser 42.2-1 (bookworm) | epiphany-browser 42.2-1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| gnome | epiphany | < 41.4 | 41.4 |
| gnome | epiphany | >= 42.0 < 42.2 | 42.2 |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5HIGH
vendor_ubuntu6.1MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens SCALANCE XCM-/XRM-300
cisa_ics·2024-02-15
Siemens SCALANCE XCM-/XRM-300
ICS Advisory
##
Siemens SCALANCE XCM-/XRM-300
Release DateFebruary 15, 2024
Alert CodeICSA-24-046-11
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE XCM-/XRM-300
- Vulnerabilities: Out-of-bounds Write, Incorrect Type Conversion or Cast, Improper Verification of Cryptographic Signature, Improper Access Control, Improper Authentication, Missing Encryption
Ubuntu
GNOME Web vulnerabilities
vendor_ubuntu·2022-08-10·CVSS 6.1
CVE-2022-29536 [MEDIUM] GNOME Web vulnerabilities
Title: GNOME Web vulnerabilities
Summary: Several security issues were fixed in GNOME Web.
It was discovered that GNOME Web incorrectly filtered certain strings. A
remote attacker could use this issue to perform cross-site scripting (XSS)
attacks. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-45085,
CVE-2021-45086, CVE-2021-45087)
It was discovered that GNOME Web incorrectly handled certain long page
titles. A remote attacker could use this issue to cause GNOME Web to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-29536)
Instructions: After a standard system update you need to restart GNOME Web to make all
the necessary changes.
Debian
CVE-2022-29536: epiphany-browser - In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger...
vendor_debian·2022·CVSS 7.5
CVE-2022-29536 [HIGH] CVE-2022-29536: epiphany-browser - In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger...
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Scope: local
bookworm: resolved (fixed in 42.2-1)
bullseye: resolved (fixed in 3.38.2-1+deb11u3)
forky: resolved (fixed in 42.2-1)
sid: resolved (fixed in 42.2-1)
trixie: resolved (fixed in 42.2-1)
OSV
epiphany-browser vulnerabilities
osv·2022-08-10·CVSS 6.1
CVE-2021-45085 [MEDIUM] epiphany-browser vulnerabilities
epiphany-browser vulnerabilities
It was discovered that GNOME Web incorrectly filtered certain strings. A
remote attacker could use this issue to perform cross-site scripting (XSS)
attacks. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-45085,
CVE-2021-45086, CVE-2021-45087)
It was discovered that GNOME Web incorrectly handled certain long page
titles. A remote attacker could use this issue to cause GNOME Web to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2022-29536)
GHSA
GHSA-rmxp-r78p-2258: In GNOME Epiphany before 41
ghsa_unreviewed·2022-04-22
CVE-2022-29536 [HIGH] CWE-787 GHSA-rmxp-r78p-2258: In GNOME Epiphany before 41
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
OSV
CVE-2022-29536: In GNOME Epiphany before 41
osv·2022-04-20·CVSS 7.5
CVE-2022-29536 [HIGH] CVE-2022-29536: In GNOME Epiphany before 41
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106https://lists.debian.org/debian-lts-announce/2022/08/msg00006.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLLDMY4JYDZTMZSCPSY23K5YW3SQYUR6/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7YWVIUGFRA6GOE3QAPSJJ6EL3DJG5NX/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5K5UPNHVWXDPSMBNSB2645MD2N5CXQS/https://www.debian.org/security/2022/dsa-5208https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1106https://lists.debian.org/debian-lts-announce/2022/08/msg00006.htmlhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLLDMY4JYDZTMZSCPSY23K5YW3SQYUR6/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/N7YWVIUGFRA6GOE3QAPSJJ6EL3DJG5NX/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U5K5UPNHVWXDPSMBNSB2645MD2N5CXQS/https://www.debian.org/security/2022/dsa-5208
2022-04-20
Published