All errata/sisyphus/ALT-PU-2019-1458-1
ALT-PU-2019-1458-1

Package update epiphany in branch sisyphus

Version3.32.0-alt1
Task#225059
Published2019-03-18
Max severityHIGH
Severity:

Closed issues (2)

BDU:2020-01582
HIGH8.1

Уязвимость модулей отображения веб-страниц WebKitGTK и WPE WebKit, связанная с недостаточной проверкой входных данных, позволяющая нарушителю проводить спуфинг-атаки

Published: 2020-04-16Modified: 2023-11-21
CVSS 3.xHIGH 8.1
CVSS:3.x/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
CVSS 2.0HIGH 8.8
CVSS:2.0/AV:N/AC:M/Au:N/C:C/I:C/A:N
References
CVE-2019-6251
HIGH8.1

WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.

Published: 2019-01-14Modified: 2024-11-21
CVSS 2.0MEDIUM 5.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:N
CVSS 3.xHIGH 8.1
CVSS:3.x/CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
References