DEBIAN-CVE-2023-26081

DEBIAN-CVE-2023-26081 PUBLISHED CVSS 7.5 HIGH

In Epiphany (aka GNOME Web) through 43.0, untrusted web content can trick users into exfiltrating passwords, because autofill occurs in sandboxed contexts.

Risk Scores

CVSS v3.1

7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Affected Products

Vendor	Product	Versions
Debian:12	epiphany-browser	0, 0, 0
Debian:13	epiphany-browser	0, 0, 0
Debian:14	epiphany-browser	0, 0, 0
Debian:11	epiphany-browser	40~rc-1, 41.0-1, 41.0-2

Timeline

Feb 20, 2023 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2023-26081 advisory

Open in Interactive Console →