Vulnerabilities > CVE-2022-29536 - Out-of-bounds Write vulnerability in multiple products

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
network
low complexity
gnome
fedoraproject
debian
CWE-787

Summary

In GNOME Epiphany before 41.4 and 42.x before 42.2, an HTML document can trigger a client buffer overflow (in ephy_string_shorten in the UI process) via a long page title. The issue occurs because the number of bytes for a UTF-8 ellipsis character is not properly considered.

Vulnerable Configurations

Part Description Count
Application
Gnome
426
OS
Fedoraproject
3
OS
Debian
2

Common Weakness Enumeration (CWE)