MGASA-2023-0099

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0099.html

Import Source

https://advisories.mageia.org/MGASA-2023-0099.json

JSON Data

https://api.test.osv.dev/v1/vulns/MGASA-2023-0099

Related

CVE-2023-26081

Published

2023-03-18T22:16:28Z

Modified

2023-03-18T21:07:15Z

Summary

Updated epiphany packages fix security vulnerability

Details

In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts. (CVE-2023-26081)

References

https://advisories.mageia.org/MGASA-2023-0099.html
https://bugs.mageia.org/show_bug.cgi?id=31609
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SADQCSQKTJKTTIJMEPY7GII6IVQSKEKV/

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / epiphany

Package

Name: epiphany
Purl: pkg:rpm/mageia/epiphany?distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.38.2-1.3.mga8

Ecosystem specific

{
    "section": "core"
}