logo
DATABASE RESOURCES PRICING ABOUT US

Epiphany: Untrusted search path

Description

### Background Epiphany is a GNOME webbrowser based on the Mozilla rendering engine Gecko. ### Description James Vega reported an untrusted search path vulnerability in the Python interface. ### Impact A local attacker could entice a user to run Epiphany from a directory containing a specially crafted python module, resulting in the execution of arbitrary code with the privileges of the user running Epiphany. ### Workaround Do not run "epiphany" from untrusted working directories. ### Resolution All Epiphany users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=www-client/epiphany-2.22.3-r2"


Affected Package


OS OS Version Package Name Package Version
Gentoo any www-client/epiphany 2.22.3-r2

Related