CVE-2018-12016

libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.

References

https://github.com/ldpreload/Disclosure/blob/master/EpiphanyDoS.txt

Affected packages

Git / gitlab.gnome.org/GNOME/epiphany

Affected ranges

Type: GIT
Repo: https://gitlab.gnome.org/GNOME/epiphany
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

b9694438e6d6fd5c0ac35c8bcb4bd95b89d74be0

Affected versions

2.*

2.27.4

2.27.5

2.27.90

2.27.91

2.27.92

2.29.1

2.29.3

2.29.5

2.29.6

2.29.90

2.29.91

2.29.92

2.30

2.30.1

2.30.2

2.31.2

2.31.4

2.31.5

2.91.1

2.91.1.1

2.91.2

2.91.3

2.91.4

2.91.4.1

2.91.5

2.91.6

2.91.90

2.91.91

2.91.91.1

2.91.92

3.*

3.0.0

3.1.2

3.1.5

3.1.90

3.1.91

3.1.91.1

3.1.92

3.10.0

3.10.1

3.11.1

3.11.2

3.11.3

3.11.4

3.11.90

3.11.91

3.11.92

3.12.0

3.12.1

3.13.90

3.13.91

3.14.0

3.14.1

3.15.1

3.15.90

3.15.92

3.16.0

3.16.1

3.17.1

3.17.2

3.17.91

3.18.0

3.19.1

3.19.90

3.19.91

3.19.92

3.2.0

3.20.0

3.21.1

3.21.2

3.21.3

3.21.4

3.23.1

3.23.1.1

3.23.1.2

3.23.2

3.23.2.1

3.23.3

3.23.4

3.23.5

3.23.90

3.23.91

3.23.91.1

3.23.92

3.23.93

3.24.0

3.24.1

3.25.1

3.25.2

3.25.3

3.25.4

3.25.90

3.25.91

3.25.92

3.26.0

3.27.1

3.27.2

3.27.3

3.27.4

3.27.90

3.27.92

3.28.0.1

3.28.1

3.28.1.1

3.28.2

3.28.2.1

3.3.1

3.3.2

3.3.3

3.3.4

3.3.4.1

3.3.5

3.3.90

3.3.91

3.3.92

3.5.1

3.5.3

3.5.4

3.5.5

3.5.90

3.5.91.1

3.5.92

3.6.0

3.7.1

3.7.3

3.7.5

3.7.90

3.7.91

3.7.92

3.9.2

3.9.3

3.9.90

3.9.91

Other

BEFORE_HARVES18

GNOME_2_10_ANCHOR

GNOME_2_12_BRANCHPOINT

GNOME_2_14_BRANCHPOINT

GNOME_2_16_BRANCHPOINT

GNOME_2_18_BRANCHPOINT

GTK_ENGINES_2_6_0

INITIAL

PRE_GNOME_2_14_BRANCHPOINT

RELEASE_2_14_0

RELEASE_2_15_1

RELEASE_2_15_2

RELEASE_2_15_3

RELEASE_2_15_4

RELEASE_2_15_92

RELEASE_2_16_0

RELEASE_2_17_2

RELEASE_2_17_3

RELEASE_2_17_4

RELEASE_2_17_5

RELEASE_2_17_90

RELEASE_2_17_91

RELEASE_2_17_92

RELEASE_2_18_0

RELEASE_2_19_2

RELEASE_2_19_5

RELEASE_2_19_6

RELEASE_2_19_90

RELEASE_2_21_4

RELEASE_2_21_5

RELEASE_2_21_90

RELEASE_2_21_92

RELEASE_2_23_91

RELEASE_2_5_91

Release070

Release072

Release073

Release081

Release082

Release083

Release090

Release091

Release092

Release110

Release111

Release1110

Release1111

Release1112

Release112

Release113

Release115

Release117

Release119

Release120

Release130

Release131

Release132

Release133

Release134

Release135

Release136

Release137

Release138

Release151

Release152

Release153

Release154

Release155

Release156

Release157

Release158

Release160

Release171

Release172

Release173

Release174

Release175

Release176

Release191

Release192

Release193

Release1931

Release194

Release195

Release1951

Release196

Release198

Release1999

WEBCORE_BRANCHPOINT

WEBKIT_BRANCHPOINT

XULRUNNER_BRANCHPOINT

gnome-2-8-branchpoint

help

pre-gnome-2-10-branchpoint

actual-2.*

actual-2.29.6

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12016.json"