A vulnerability has been discovered in Epiphany, which can lead to a buffer overflow.
Package | www-client/epiphany on all architectures |
---|---|
Affected versions | < 42.4 |
Unaffected versions | >= 42.4 |
Epiphany is a GNOME webbrowser based on the Mozilla rendering engine Gecko.
A vulnerability has been discovered in Epiphany. Please review the CVE identifier referenced below for details.
In GNOME Epiphany an HTML document can trigger a client buffer overflow (in ephy_string_shorten) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.
There is no known workaround at this time.
All Epiphany users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=www-client/epiphany-42.4"
Release date
May 08, 2024
Latest revision
May 08, 2024: 1
Severity
normal
Exploitable
remote
Bugzilla entries