
CVE-2018-11396

Published: 23/05/2018 Updated: 24/08/2020
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) up to and including 3.28.2.1 allows remote malicious users to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.

Vulnerable Product

gnome epiphany

Vendor Advisories

Debian Bug report logs - #901018 epiphany-browser: CVE-2018-12016 Package: src:epiphany-browser; Maintainer for src:epiphany-browser is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Fri, 8 Jun 2018 04:03:01 UTC Severity: normal T ...
Debian Bug report logs - #899409 epiphany-browser: CVE-2018-11396 Package: src:epiphany-browser; Maintainer for src:epiphany-browser is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org> Date: Wed, 23 May 2018 20:51:01 UTC Severity: normal T ...

Exploits

Epiphany version 3.28.2.1 suffers from a denial of service vulnerability ...

Github Repositories

Fuzzing Browsers

BFuzz: BFuzz is currently in beta. BFuzz is an input-based fuzzer tool which takes HTML as an input, opens up your browser with a new instance and passes multiple testcases generated by domato, which is present in the recurve folder of BFuzz. Moreover, BFuzz is an automation which performs the same task repeatedly; it doesn't mangle any t