CVE-2019-6251

8.1HIGH

Key Information:

Vendor: Gnome
Status: Epiphany
Vendor: CVE Published:; 14 January 2019

Summary

WebKitGTK and WPE WebKit prior to version 2.24.1 are vulnerable to address bar spoofing upon certain JavaScript redirections. An attacker could cause malicious web content to be displayed as if for a trusted URI. This is similar to the CVE-2018-8383 issue in Microsoft Edge.

References

https://gitlab.gnome.org/GNOME/epiphany/issues/532

x_refsource_MISC

https://seclists.org/bugtraq/2019/Apr/21

mailing-listx_refsource_BUGTRAQ

http://www.openwall.com/lists/oss-security/2019/04/11/1

mailing-listx_refsource_MLIST

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jan 14, 2019
Vulnerability Reserved
Jan 13, 2019

.