CVE-2017-1000025

Source
https://cve.org/CVERecord?id=CVE-2017-1000025
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000025.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2017-1000025
Downstream
Published
2017-07-17T13:18:16.703Z
Modified
2026-07-08T16:07:49.290139Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.

References

Affected packages

Git / gitlab.gnome.org/gnome/epiphany

Affected ranges

Type
GIT
Repo
https://gitlab.gnome.org/gnome/epiphany
Events
Database specific
{
    "cpe": [
        "cpe:2.3:a:gnome:epiphany:3.18.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.7:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.8:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.9:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.18.10:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.20.6:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.22.0:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.22.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.22.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.22.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.22.4:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.22.5:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.1.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.1.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.2:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.2.1:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.3:*:*:*:*:*:*:*",
        "cpe:2.3:a:gnome:epiphany:3.23.4:*:*:*:*:*:*:*"
    ],
    "source": "CPE_STRING",
    "extracted_events": [
        {
            "introduced": "3.18.0"
        },
        {
            "last_affected": "3.18.0"
        },
        {
            "introduced": "3.18.1"
        },
        {
            "last_affected": "3.18.1"
        },
        {
            "introduced": "3.18.2"
        },
        {
            "last_affected": "3.18.2"
        },
        {
            "introduced": "3.18.3"
        },
        {
            "last_affected": "3.18.3"
        },
        {
            "introduced": "3.18.4"
        },
        {
            "last_affected": "3.18.4"
        },
        {
            "introduced": "3.18.5"
        },
        {
            "last_affected": "3.18.5"
        },
        {
            "introduced": "3.18.6"
        },
        {
            "last_affected": "3.18.6"
        },
        {
            "introduced": "3.18.7"
        },
        {
            "last_affected": "3.18.7"
        },
        {
            "introduced": "3.18.8"
        },
        {
            "last_affected": "3.18.8"
        },
        {
            "introduced": "3.18.9"
        },
        {
            "last_affected": "3.18.9"
        },
        {
            "introduced": "3.18.10"
        },
        {
            "last_affected": "3.18.10"
        },
        {
            "introduced": "3.20.0"
        },
        {
            "last_affected": "3.20.0"
        },
        {
            "introduced": "3.20.1"
        },
        {
            "last_affected": "3.20.1"
        },
        {
            "introduced": "3.20.2"
        },
        {
            "last_affected": "3.20.2"
        },
        {
            "introduced": "3.20.3"
        },
        {
            "last_affected": "3.20.3"
        },
        {
            "introduced": "3.20.4"
        },
        {
            "last_affected": "3.20.4"
        },
        {
            "introduced": "3.20.5"
        },
        {
            "last_affected": "3.20.5"
        },
        {
            "introduced": "3.20.6"
        },
        {
            "last_affected": "3.20.6"
        },
        {
            "introduced": "3.22.0"
        },
        {
            "last_affected": "3.22.0"
        },
        {
            "introduced": "3.22.1"
        },
        {
            "last_affected": "3.22.1"
        },
        {
            "introduced": "3.22.2"
        },
        {
            "last_affected": "3.22.2"
        },
        {
            "introduced": "3.22.3"
        },
        {
            "last_affected": "3.22.3"
        },
        {
            "introduced": "3.22.4"
        },
        {
            "last_affected": "3.22.4"
        },
        {
            "introduced": "3.22.5"
        },
        {
            "last_affected": "3.22.5"
        },
        {
            "introduced": "3.23.1"
        },
        {
            "last_affected": "3.23.1"
        },
        {
            "introduced": "3.23.1.1"
        },
        {
            "last_affected": "3.23.1.1"
        },
        {
            "introduced": "3.23.1.2"
        },
        {
            "last_affected": "3.23.1.2"
        },
        {
            "introduced": "3.23.2"
        },
        {
            "last_affected": "3.23.2"
        },
        {
            "introduced": "3.23.2.1"
        },
        {
            "last_affected": "3.23.2.1"
        },
        {
            "introduced": "3.23.3"
        },
        {
            "last_affected": "3.23.3"
        },
        {
            "introduced": "3.23.4"
        },
        {
            "last_affected": "3.23.4"
        }
    ]
}

Affected versions

3.*
3.18.0
3.18.1
3.18.10
3.18.2
3.18.3
3.18.4
3.18.5
3.18.6
3.18.7
3.18.8
3.18.9
3.19.1
3.19.90
3.19.91
3.19.92
3.20.0
3.20.1
3.20.2
3.20.3
3.20.4
3.20.5
3.20.6
3.21.1
3.21.2
3.21.3
3.21.4
3.22.0
3.22.1
3.22.2
3.22.3
3.22.4
3.22.5
3.23.1
3.23.1.1
3.23.1.2
3.23.2
3.23.2.1
3.23.3
3.23.4

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-1000025.json"