It was discovered that GNOME Web incorrectly filtered certain strings. A remote attacker could use this issue to perform cross-site scripting (XSS) attacks. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-45085, CVE-2021-45086, CVE-2021-45087)
It was discovered that GNOME Web incorrectly handled certain long page titles. A remote attacker could use this issue to cause GNOME Web to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-29536)
{ "binaries": [ { "binary_name": "epiphany-browser", "binary_version": "3.36.4-0ubuntu2" }, { "binary_name": "epiphany-browser-data", "binary_version": "3.36.4-0ubuntu2" }, { "binary_name": "epiphany-browser-dbgsym", "binary_version": "3.36.4-0ubuntu2" } ], "availability": "No subscription required" }
{ "binaries": [ { "binary_name": "epiphany-browser", "binary_version": "42.1-1ubuntu1" }, { "binary_name": "epiphany-browser-data", "binary_version": "42.1-1ubuntu1" }, { "binary_name": "epiphany-browser-dbgsym", "binary_version": "42.1-1ubuntu1" } ], "availability": "No subscription required" }