ephy-session.c in in GNOME Web (aka Epiphany) through allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted call.

Published : 2018-05-23 13:29 Updated : 2019-10-16 12:15

CVSS Score More info
Score 5.0 / 10
Vendor Product Version URI
Gnome Epiphany cpe:/a:gnome:epiphany:
  1. Gnome (1) Search CVE
    1. Epiphany (1) Search CVE


ID Name Description Links
CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') The software constructs all or part of a command, data structure, or record using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify how it is parsed or interpreted when it is sent to a downstream component. CVE

History of changes

Date Event
2019-10-16 12:15
2018-06-22 13:47
2018-05-23 13:29