Wind River Support Network

HomeDefectsLIN1021-2223
Fixed

LIN1021-2223 : Security Advisory - epiphany - CVE-2021-45086

Created: Dec 16, 2021    Updated: Apr 26, 2022
Resolved Date: Apr 26, 2022
Found In Version: 10.21.20.1
Fix Version: 10.21.20.12
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

XSS can occur in GNOME Web (aka Epiphany) before 40.4 and 41.x before 41.1 because a server's suggested_filename is used as the pdf_name value in PDF.js.

CREATE(Triage):(User=admin) CVE-2021-45086 (https://nvd.nist.gov/vuln/detail/CVE-2021-45086)

CVEs


Live chat
Online