CVE-2023-26081
7.5HIGHIn Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
Publicado: 2/20/2023Actualizado: 3/18/2025
Descripción
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
Análisis IAImpulsado por IA
Productos Afectados
gnomeepiphany
fedoraprojectfedora
37
Referencias
- https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9xExploitThird Party Advisory
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275PatchVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/
- https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9xExploitThird Party Advisory
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275PatchVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/