Vulnerability Details CVE-2017-1000025
GNOME Web (Epiphany) 3.23 before 3.23.5, 3.22 before 3.22.6, 3.20 before 3.20.7, 3.18 before 3.18.11, and prior versions, is vulnerable to a password manager sweep attack resulting in the remote exfiltration of stored passwords for a selected set of websites.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.8%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2017-1000025
-
cpe:2.3:a:gnome:epiphany:3.18.0
-
cpe:2.3:a:gnome:epiphany:3.18.1
-
cpe:2.3:a:gnome:epiphany:3.18.10
-
cpe:2.3:a:gnome:epiphany:3.18.2
-
cpe:2.3:a:gnome:epiphany:3.18.3
-
cpe:2.3:a:gnome:epiphany:3.18.4
-
cpe:2.3:a:gnome:epiphany:3.18.5
-
cpe:2.3:a:gnome:epiphany:3.18.6
-
cpe:2.3:a:gnome:epiphany:3.18.7
-
cpe:2.3:a:gnome:epiphany:3.18.8
-
cpe:2.3:a:gnome:epiphany:3.18.9
-
cpe:2.3:a:gnome:epiphany:3.20.0
-
cpe:2.3:a:gnome:epiphany:3.20.1
-
cpe:2.3:a:gnome:epiphany:3.20.2
-
cpe:2.3:a:gnome:epiphany:3.20.3
-
cpe:2.3:a:gnome:epiphany:3.20.4
-
cpe:2.3:a:gnome:epiphany:3.20.5
-
cpe:2.3:a:gnome:epiphany:3.20.6
-
cpe:2.3:a:gnome:epiphany:3.22.0
-
cpe:2.3:a:gnome:epiphany:3.22.1
-
cpe:2.3:a:gnome:epiphany:3.22.2
-
cpe:2.3:a:gnome:epiphany:3.22.3
-
cpe:2.3:a:gnome:epiphany:3.22.4
-
cpe:2.3:a:gnome:epiphany:3.22.5
-
cpe:2.3:a:gnome:epiphany:3.23.1
-
cpe:2.3:a:gnome:epiphany:3.23.1.1
-
cpe:2.3:a:gnome:epiphany:3.23.1.2
-
cpe:2.3:a:gnome:epiphany:3.23.2
-
cpe:2.3:a:gnome:epiphany:3.23.2.1
-
cpe:2.3:a:gnome:epiphany:3.23.3
-
cpe:2.3:a:gnome:epiphany:3.23.4