Vulnerabilities > Qutebrowser

DATE CVE VULNERABILITY TITLE RISK
2020-05-07 CVE-2020-11054 In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL.
network
low complexity
qutebrowser fedoraproject
3.5
2018-07-12 CVE-2018-10895 Cross-Site Request Forgery (CSRF) vulnerability in Qutebrowser
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs.
network
low complexity
qutebrowser CWE-352
8.8
2018-06-26 CVE-2018-1000559 Cross-site Scripting vulnerability in Qutebrowser
qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history.
network
low complexity
qutebrowser CWE-79
6.1