Debian Epiphany-Browser vulnerabilities
16 known vulnerabilities affecting debian/epiphany-browser.
Total CVEs: 16
CISA KEV: 0
Public exploits: 2
Exploited in wild: 0
Severity breakdown: HIGH 3, MEDIUM 7, LOW 6
Vulnerabilities
CVE-2025-3839 - HIGH - CVSS 8.0 - fixed in epiphany-browser 48.1-1 (forky) - 2025
CVE-2025-3839 [HIGH] CVE-2025-3839: epiphany-browser - A flaw was found in Epiphany, a tool that allows websites to open external URL h...
A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this action, resulting in potential code execution on the client devi
debian
CVE-2023-26081 - HIGH - CVSS 7.5 - fixed in epiphany-browser 43.1-1 (bookworm) - 2023
CVE-2023-26081 [HIGH] CVE-2023-26081: epiphany-browser - In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users ...
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
Scope: local
bookworm: resolved (fixed in 43.1-1)
bullseye: open
forky: resolved (fixed in 43.1-1)
sid: resolved (fixed in 43.1-1)
trixie: resolved (fixed in 43.1-1)
CVE-2022-29536 - HIGH - CVSS 7.5 - fixed in epiphany-browser 42.2-1 (bookworm) - 2022
CVE-2022-29536 [HIGH] CVE-2022-29536: epiphany-browser - In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger...
In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
Scope: local
bookworm: resolved (fixed in 42.2-1)
bullseye: resolved (fixed in 3.38
CVE-2021-45088 - MEDIUM - CVSS 6.1 - fixed in epiphany-browser 41.2-1 (bookworm) - 2021
CVE-2021-45088 [MEDIUM] CVE-2021-45088: epiphany-browser - XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via a...
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an error page.
Scope: local
bookworm: resolved (fixed in 41.2-1)
bullseye: resolved (fixed in 3.38.2-1+deb11u1)
forky: resolved (fixed in 41.2-1)
sid: resolved (fixed in 41.2-1)
trixie: resolved (fixed in 41.2-1)
CVE-2021-45086 - MEDIUM - CVSS 6.1 - fixed in epiphany-browser 41.2-1 (bookworm) - 2021
CVE-2021-45086 [MEDIUM] CVE-2021-45086: epiphany-browser - XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 becau...
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.
Scope: local
bookworm: resolved (fixed in 41.2-1)
bullseye: resolved (fixed in 3.38.2-1+deb11u1)
forky: resolved (fixed in 41.2-1)
sid: resolved (fixed in 41.2-1)
trixie: resolved (fixed in 41.2-1)
CVE-2021-45087 - MEDIUM - CVSS 6.1 - fixed in epiphany-browser 41.2-1 (bookworm) - 2021
CVE-2021-45087 [MEDIUM] CVE-2021-45087: epiphany-browser - XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when ...
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a page title.
Scope: local
bookworm: resolved (fixed in 41.2-1)
bullseye: resolved (fixed in 3.38.2-1+deb11u1)
forky: resolved (fixed in 41.2-1)
sid: resolved (fixed in 41.2-1)
trixie: resolved (fixed in 41.2-1)
CVE-2021-45085 - MEDIUM - CVSS 6.1 - fixed in epiphany-browser 41.2-1 (bookworm) - 2021
CVE-2021-45085 [MEDIUM] CVE-2021-45085: epiphany-browser - XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via a...
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 via an about: page, as demonstrated by ephy-about:overview when a user visits an XSS payload page often enough to place that page on the Most Visited list.
Scope: local
bookworm: resolved (fixed in 41.2-1)
bullseye: resolved (fixed in 3.38.2-1+deb11u1)
forky: resolved (fixed in 41.
CVE-2019-25085 - MEDIUM - CVSS 6.3 - fixed in epiphany-browser 3.34.1-1 (bookworm) - 2019
CVE-2019-25085 [MEDIUM] CVE-2019-25085: epiphany-browser - A vulnerability was found in GNOME gvdb. It has been classified as critical. Thi...
A vulnerability was found in GNOME gvdb. It has been classified as critical. This affects the function gvdb_table_write_contents_async of the file gvdb-builder.c. The manipulation leads to use after free. It is possible to initiate the attack remotely. The name of the patch is d83587b2a364eb9a9a53be7e6a708074e252de14. It is recommended to apply a patch to
CVE-2018-11396 - LOW - CVSS 7.5 - PoC - fixed in epiphany-browser 3.28.2.1-1 (bookworm) - 2018
CVE-2018-11396 [HIGH] CVE-2018-11396: epiphany-browser - ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 al...
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
Scope: local
bookworm: resolved (fixed in 3.28.2.1-1)
bullseye: resolved (fixed in 3.28.2.1-1)
forky: res
CVE-2018-12016 - LOW - CVSS 7.5 - fixed in epiphany-browser 3.28.3.1-1 (bookworm) - 2018
CVE-2018-12016 [HIGH] CVE-2018-12016: epiphany-browser - libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attack...
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
Scope: local
bookworm: resolved (fixed in 3.28.3.1-1)
bullseye: resolved (fixed in 3.28.3.1-1)
forky: resolved (fixed in 3.28.3.1-1)
sid: resolved (fixed in 3.28.3.1-1)
trixie:
CVE-2017-1000025 - LOW - CVSS 7.5 - fixed in epiphany-browser 3.22.6-1 (bookworm) - 2017
CVE-2017-1000025 [HIGH] CVE-2017-1000025: epiphany-browser - GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7,...
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
Scope: local
bookworm: resolved (fixed in 3.22.6-1)
bullseye: resolved (fixed in 3.22.6-1)
fork
CVE-2014-3566 - LOW - CVSS 3.4 - PoC - fixed in erlang 1:17.3-dfsg-3 (bookworm) - 2014
CVE-2014-3566 [LOW] CVE-2014-3566: bouncycastle - The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses...
The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue.
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
CVE-2010-3312 - MEDIUM - CVSS 5.8 - fixed in epiphany-browser 2.29.91-1 (bookworm) - 2010
CVE-2010-3312 [MEDIUM] CVE-2010-3312: epiphany-browser - Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displa...
Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock icon for any URL beginning with the https: substring, without any warning to the user, which allows man-in-the-middle attackers to spoof arbitrary https web sites via a crafted X.509 server certificate.
Scope: local
bookworm: resolved (fixed in 2.29.91-1)
bullse
CVE-2008-5985 - LOW - CVSS 6.9 - fixed in epiphany-browser 2.22.3-7 (bookworm) - 2008
CVE-2008-5985 [MEDIUM] CVE-2008-5985: epiphany-browser - Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, ...
Untrusted search path vulnerability in the Python interface in Epiphany 2.22.3, and possibly other versions, allows local users to execute arbitrary code via a Trojan horse Python file in the current working directory, related to a vulnerability in the PySys_SetArgv function (CVE-2008-5983).
Scope: local
bookworm: resolved (fixed in 2.22.3-7)
bullseye: reso
CVE-2007-1084 - LOW - CVSS 6.8 - 2007
CVE-2007-1084 [MEDIUM] CVE-2007-1084: epiphany-browser - Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmark...
Mozilla Firefox 2.0.0.1 and earlier does not prompt users before saving bookmarklets, which allows remote attackers to bypass the same-domain policy by tricking a user into saving a bookmarklet with a data: scheme, which is executed in the context of the last visited web page.
Scope: local
bookworm: open
bullseye: open
forky: open
sid: open
trixie: open
CVE-2005-0238 - MEDIUM - CVSS 5.0 - fixed in epiphany-browser 1.4.8-2 (bookworm) - 2005
CVE-2005-0238 [MEDIUM] CVE-2005-0238: epiphany-browser - The International Domain Name (IDN) support in Epiphany allows remote attackers ...
The International Domain Name (IDN) support in Epiphany allows remote attackers to spoof domain names using punycode encoded domain names that are decoded in URLs and SSL certificates in a way that uses homograph characters from other character sets, which facilitates phishing attacks.
Scope: local
bookworm: resolved (fixed in 1.4.8-2)
bullseye: resolved (f