CVE-2023-26081
7.5HIGHIn Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
게시됨: 2/20/2023업데이트됨: 3/18/2025
설명
In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.
AI 분석AI 기반
영향받는 제품
gnomeepiphany
fedoraprojectfedora
37
참조
- https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9xExploitThird Party Advisory
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275PatchVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/
- https://github.com/google/security-research/security/advisories/GHSA-mhhf-w9xw-pp9xExploitThird Party Advisory
- https://gitlab.gnome.org/GNOME/epiphany/-/merge_requests/1275PatchVendor Advisory
- https://lists.debian.org/debian-lts-announce/2023/05/msg00015.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IFWUNG6E4ZT43EYNHKYXS7QVSO2VW2H2/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/