Vulnerability CVE-2021-45087: Information
Description
XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 when View Source mode or Reader mode is used, as demonstrated by a a page title.
Severity: MEDIUM (6.1) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
epiphany | sisyphus | 41.1-alt1 | 46.0-alt1 | ALT-PU-2021-3546-1 | 292090 | Fixed |
epiphany | sisyphus_riscv64 | 41.1-alt1 | 46.0-alt1 | ALT-PU-2021-4608-1 | - | Fixed |
epiphany | p10 | 40.6-alt1 | 40.6-alt1 | ALT-PU-2021-3624-1 | 292094 | Fixed |
epiphany | p10_e2k | 40.6-alt1 | 40.6-alt1 | ALT-PU-2021-4744-1 | - | Fixed |
epiphany | c10f1 | 40.6-alt1 | 40.6-alt1 | ALT-PU-2021-3624-1 | 292094 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1045 |
|
https://gitlab.gnome.org/GNOME/epiphany/-/issues/1612 |
|
DSA-5042 |
|
[debian-lts-announce] 20220818 [SECURITY] [DLA 3074-1] epiphany-browser security update |
|