← Back

CVE-2017-1000025

nvd nist
Published: Jul 17, 2017Modified: May 13, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.

Affected (31)

Products: Gnome: Epiphany
Gnome
1 product
Epiphany
Configuration A
31 vulnerable
Vulnerable SoftwareAffected Versions
Gnome
Epiphany
Version 3.18.0
Epiphany
Version 3.18.10
Epiphany
Version 3.18.1
Epiphany
Version 3.18.2
Epiphany
Version 3.18.3
Epiphany
Version 3.18.4
Epiphany
Version 3.18.5
Epiphany
Version 3.18.6
Epiphany
Version 3.18.7
Epiphany
Version 3.18.8
Epiphany
Version 3.18.9
Epiphany
Version 3.20.0
Epiphany
Version 3.20.1
Epiphany
Version 3.20.2
Epiphany
Version 3.20.3
Epiphany
Version 3.20.4
Epiphany
Version 3.20.5
Epiphany
Version 3.20.6
Epiphany
Version 3.22.0
Epiphany
Version 3.22.1
Epiphany
Version 3.22.2
Epiphany
Version 3.22.3
Epiphany
Version 3.22.4
Epiphany
Version 3.22.5
Epiphany
Version 3.23.1.1
Epiphany
Version 3.23.1.2
Epiphany
Version 3.23.1
Epiphany
Version 3.23.2.1
Epiphany
Version 3.23.2
Epiphany
Version 3.23.3
Epiphany
Version 3.23.4

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (4)

Source: cve@mitre.org
Issue TrackingVendor Advisory
Source: cve@mitre.org
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Issue TrackingVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory

Timeline

No history available yet.