cvelistv5 - cve-2018-1000559

CVE-2018-1000559 (GCVE-0-2018-1000559)

Vulnerability from cvelistv5 – Published: 2018-06-26 16:00 – Updated: 2024-08-05 12:40

Summary

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted <title> attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).

Severity ?

No CVSS data available.

CWE

Assigner

mitre

References

URL

Tags

	https://github.com/qutebrowser/qutebrowser/commit…	x_refsource_MISC
	https://github.com/qutebrowser/qutebrowser/commit…	x_refsource_MISC
	https://github.com/qutebrowser/qutebrowser/issues/4011	x_refsource_MISC

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T12:40:47.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2018-06-23T00:00:00",
      "datePublic": "2018-06-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-06-26T15:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2018-06-23T11:22:33.088364",
          "DATE_REQUESTED": "2018-06-21T21:08:17",
          "ID": "CVE-2018-1000559",
          "REQUESTER": "distributedweaknessfiling.org@the-compiler.org",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7",
              "refsource": "MISC",
              "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f",
              "refsource": "MISC",
              "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/issues/4011",
              "refsource": "MISC",
              "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2018-1000559",
    "datePublished": "2018-06-26T16:00:00",
    "dateReserved": "2018-06-21T00:00:00",
    "dateUpdated": "2024-08-05T12:40:47.529Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:qutebrowser:qutebrowser:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"0.11.0\", \"versionEndExcluding\": \"1.3.3\", \"matchCriteriaId\": \"CFB39485-955C-49D9-B865-88A021261DEE\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).\"}, {\"lang\": \"es\", \"value\": \"La versi\\u00f3n de qutebrowser introducida en v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contiene una vulnerabilidad Cross-Site Scripting (XSS) en el comando history en la p\\u00e1gina qute://history, que puede resultar en que una p\\u00e1gina web puede robar el historial de navegaci\\u00f3n del usuario mediante la inyecci\\u00f3n de c\\u00f3digo JavaScript. Este ataque parece ser explotable si la v\\u00edctima abre una p\\u00e1gina con un atributo  especialmente manipulado y luego abre el sitio qute://history mediante el comando :history. La vulnerabilidad parece estar solucionada en la versi\\u00f3n 1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7 que se publicar\\u00e1 hoy) y la 1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, publicado despu\\u00e9s en esta semana).\"}]",
      "id": "CVE-2018-1000559",
      "lastModified": "2024-11-21T03:40:11.847",
      "metrics": "{\"cvssMetricV30\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.0\", \"vectorString\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\", \"baseScore\": 6.1, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"LOW\", \"integrityImpact\": \"LOW\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 2.8, \"impactScore\": 2.7}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:N/I:P/A:N\", \"baseScore\": 4.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.6, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": true}]}",
      "published": "2018-06-26T16:29:02.930",
      "references": "[{\"url\": \"https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f\", \"source\": \"cve@mitre.org\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/qutebrowser/qutebrowser/issues/4011\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://github.com/qutebrowser/qutebrowser/issues/4011\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-79\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2018-1000559\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-06-26T16:29:02.930\",\"lastModified\":\"2024-11-21T03:40:11.847\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).\"},{\"lang\":\"es\",\"value\":\"La versi\u00f3n de qutebrowser introducida en v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contiene una vulnerabilidad Cross-Site Scripting (XSS) en el comando history en la p\u00e1gina qute://history, que puede resultar en que una p\u00e1gina web puede robar el historial de navegaci\u00f3n del usuario mediante la inyecci\u00f3n de c\u00f3digo JavaScript. Este ataque parece ser explotable si la v\u00edctima abre una p\u00e1gina con un atributo  especialmente manipulado y luego abre el sitio qute://history mediante el comando :history. La vulnerabilidad parece estar solucionada en la versi\u00f3n 1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7 que se publicar\u00e1 hoy) y la 1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, publicado despu\u00e9s en esta semana).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N\",\"baseScore\":6.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.8,\"impactScore\":2.7}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:N/I:P/A:N\",\"baseScore\":4.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.6,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":true}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-79\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:qutebrowser:qutebrowser:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.11.0\",\"versionEndExcluding\":\"1.3.3\",\"matchCriteriaId\":\"CFB39485-955C-49D9-B865-88A021261DEE\"}]}]}],\"references\":[{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/issues/4011\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/qutebrowser/qutebrowser/issues/4011\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}"
  }
}

GSD-2018-1000559

Vulnerability from gsd - Updated: 2023-12-13 01:22

Details

Aliases

CVE-2018-1000559

Aliases

CVE-2018-1000559

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2018-1000559",
    "description": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).",
    "id": "GSD-2018-1000559",
    "references": [
      "https://www.suse.com/security/cve/CVE-2018-1000559.html",
      "https://security.archlinux.org/CVE-2018-1000559"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2018-1000559"
      ],
      "details": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).",
      "id": "GSD-2018-1000559",
      "modified": "2023-12-13T01:22:27.670255Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "DATE_ASSIGNED": "2018-06-23T11:22:33.088364",
        "DATE_REQUESTED": "2018-06-21T21:08:17",
        "ID": "CVE-2018-1000559",
        "REQUESTER": "distributedweaknessfiling.org@the-compiler.org",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7",
            "refsource": "MISC",
            "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
          },
          {
            "name": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f",
            "refsource": "MISC",
            "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
          },
          {
            "name": "https://github.com/qutebrowser/qutebrowser/issues/4011",
            "refsource": "MISC",
            "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
          }
        ]
      }
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003e=0.11.0,\u003c1.3.3",
          "affected_versions": "All versions starting from 0.11.0 before 1.3.3",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2018-08-31",
          "description": "qutebrowser contains a Cross Site Scripting (XSS) vulnerability in history command page (`qute://history`) enabling attackers to steal the browsing history",
          "fixed_versions": [
            "1.3.3"
          ],
          "identifier": "CVE-2018-1000559",
          "identifiers": [
            "CVE-2018-1000559"
          ],
          "not_impacted": "All versions before 0.11.0, all versions starting from 1.3.3",
          "package_slug": "pypi/qutebrowser",
          "pubdate": "2018-06-26",
          "solution": "Upgrade to version 1.3.3 or above.",
          "title": "Cross-site Scripting",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2018-1000559"
          ],
          "uuid": "e7feaa50-6f73-4815-8c9a-3b21e3a5a25d"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:qutebrowser:qutebrowser:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "1.3.3",
                "versionStartIncluding": "0.11.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2018-1000559"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/qutebrowser/qutebrowser/issues/4011",
              "refsource": "MISC",
              "tags": [
                "Exploit",
                "Third Party Advisory"
              ],
              "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
            },
            {
              "name": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7",
              "refsource": "MISC",
              "tags": [
                "Patch",
                "Third Party Advisory"
              ],
              "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2018-08-31T13:19Z",
      "publishedDate": "2018-06-26T16:29Z"
    }
  }
}

GHSA-M4FW-77V7-924M

Vulnerability from github – Published: 2018-09-13 15:47 – Updated: 2024-10-25 21:36

Summary

Qutebrowser XSS Vulnerability

Details

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted <title> attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

5.3 (Medium)


                  
                    CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "qutebrowser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0.11.0"
            },
            {
              "fixed": "1.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2018-1000559"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:44:51Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "qutebrowser version introduced in v0.11.0 ([1179ee7a937fb31414d77d9970bac21095358449](https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f)) contains a Cross Site Scripting (XSS) vulnerability in history command, `qute://history` page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted `\u003ctitle\u003e` attribute, and then open the `qute://history` site via the `:history` command. This vulnerability appears to have been fixed in fixed in v1.3.3 ([4c9360237f186681b1e3f2a0f30c45161cf405c7](https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7), to be released today) and v1.4.0 ([5a7869f2feaa346853d2a85413d6527c87ef0d9f](https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f), released later this week).",
  "id": "GHSA-m4fw-77v7-924m",
  "modified": "2024-10-25T21:36:47Z",
  "published": "2018-09-13T15:47:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000559"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
    },
    {
      "type": "WEB",
      "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-m4fw-77v7-924m"
    },
    {
      "type": "WEB",
      "url": "https://github.com/pypa/advisory-database/tree/main/vulns/qutebrowser/PYSEC-2018-26.yaml"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/qutebrowser/qutebrowser"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    },
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Qutebrowser XSS Vulnerability"
}

PYSEC-2018-26

Vulnerability from pysec - Published: 2018-06-26 16:29 - Updated: 2021-06-10 06:51

Details

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).

Impacted products

Name	purl
qutebrowser	pkg:pypi/qutebrowser

Aliases

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "PyPI",
        "name": "qutebrowser",
        "purl": "pkg:pypi/qutebrowser"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "5a7869f2feaa346853d2a85413d6527c87ef0d9f"
            },
            {
              "fixed": "4c9360237f186681b1e3f2a0f30c45161cf405c7"
            }
          ],
          "repo": "https://github.com/qutebrowser/qutebrowser",
          "type": "GIT"
        },
        {
          "events": [
            {
              "introduced": "0.11.0"
            },
            {
              "fixed": "1.3.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "0.11.0",
        "0.11.1",
        "1.0.0",
        "1.0.1",
        "1.0.2",
        "1.0.3",
        "1.0.4",
        "1.1.0",
        "1.1.1",
        "1.1.2",
        "1.2.0",
        "1.2.1",
        "1.3.0",
        "1.3.1",
        "1.3.2"
      ]
    }
  ],
  "aliases": [
    "CVE-2018-1000559",
    "GHSA-m4fw-77v7-924m"
  ],
  "details": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).",
  "id": "PYSEC-2018-26",
  "modified": "2021-06-10T06:51:59.879286Z",
  "published": "2018-06-26T16:29:00Z",
  "references": [
    {
      "type": "REPORT",
      "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
    },
    {
      "type": "FIX",
      "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
    },
    {
      "type": "FIX",
      "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-m4fw-77v7-924m"
    }
  ]
}

OPENSUSE-SU-2024:11292-1

Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00

Summary

qutebrowser-2.3.1-2.1 on GA media

Notes

Title of the patch

qutebrowser-2.3.1-2.1 on GA media

Description of the patch

These are all security issues fixed in the qutebrowser-2.3.1-2.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-11292

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "qutebrowser-2.3.1-2.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the qutebrowser-2.3.1-2.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-11292",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11292-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-1000559 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-1000559/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2018-10895 page",
        "url": "https://www.suse.com/security/cve/CVE-2018-10895/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2020-11054 page",
        "url": "https://www.suse.com/security/cve/CVE-2020-11054/"
      }
    ],
    "title": "qutebrowser-2.3.1-2.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:11292-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "qutebrowser-2.3.1-2.1.aarch64",
                "product": {
                  "name": "qutebrowser-2.3.1-2.1.aarch64",
                  "product_id": "qutebrowser-2.3.1-2.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "qutebrowser-2.3.1-2.1.ppc64le",
                "product": {
                  "name": "qutebrowser-2.3.1-2.1.ppc64le",
                  "product_id": "qutebrowser-2.3.1-2.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "qutebrowser-2.3.1-2.1.s390x",
                "product": {
                  "name": "qutebrowser-2.3.1-2.1.s390x",
                  "product_id": "qutebrowser-2.3.1-2.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "qutebrowser-2.3.1-2.1.x86_64",
                "product": {
                  "name": "qutebrowser-2.3.1-2.1.x86_64",
                  "product_id": "qutebrowser-2.3.1-2.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "qutebrowser-2.3.1-2.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64"
        },
        "product_reference": "qutebrowser-2.3.1-2.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "qutebrowser-2.3.1-2.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le"
        },
        "product_reference": "qutebrowser-2.3.1-2.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "qutebrowser-2.3.1-2.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x"
        },
        "product_reference": "qutebrowser-2.3.1-2.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "qutebrowser-2.3.1-2.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
        },
        "product_reference": "qutebrowser-2.3.1-2.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2018-1000559",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-1000559"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week).",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-1000559",
          "url": "https://www.suse.com/security/cve/CVE-2018-1000559"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1101507 for CVE-2018-1000559",
          "url": "https://bugzilla.suse.com/1101507"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2018-1000559"
    },
    {
      "cve": "CVE-2018-10895",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2018-10895"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access \u0027qute://*\u0027 URLs. A malicious website could exploit this to load a \u0027qute://settings/set\u0027 URL, which then sets \u0027editor.command\u0027 to a bash script, resulting in arbitrary code execution.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2018-10895",
          "url": "https://www.suse.com/security/cve/CVE-2018-10895"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1100968 for CVE-2018-10895",
          "url": "https://bugzilla.suse.com/1100968"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          "products": [
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "critical"
        }
      ],
      "title": "CVE-2018-10895"
    },
    {
      "cve": "CVE-2020-11054",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2020-11054"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (colors.statusbar.url.warn.fg). However, when the affected website was subsequently loaded again, the URL was mistakenly displayed as green (colors.statusbar.url.success_https). While the user already has seen a certificate error prompt at this point (or set content.ssl_strict to false, which is not recommended), this could still provide a false sense of security. This has been fixed in 1.11.1 and 1.12.0. All versions of qutebrowser are believed to be affected, though versions before v0.11.x couldn\u0027t be tested. Backported patches for older versions (greater than or equal to 1.4.0 and less than or equal to 1.10.2) are available, but no further releases are planned.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
          "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2020-11054",
          "url": "https://www.suse.com/security/cve/CVE-2020-11054"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1171425 for CVE-2020-11054",
          "url": "https://bugzilla.suse.com/1171425"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.5,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.aarch64",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.ppc64le",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.s390x",
            "openSUSE Tumbleweed:qutebrowser-2.3.1-2.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2020-11054"
    }
  ]
}

FKIE_CVE-2018-1000559

Vulnerability from fkie_nvd - Published: 2018-06-26 16:29 - Updated: 2024-11-21 03:40

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

URL	Tags
cve@mitre.org	https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7	Patch, Third Party Advisory
cve@mitre.org	https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f	Patch, Third Party Advisory
cve@mitre.org	https://github.com/qutebrowser/qutebrowser/issues/4011	Exploit, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f	Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/qutebrowser/qutebrowser/issues/4011	Exploit, Third Party Advisory

Impacted products

	Vendor	Product	Version
	qutebrowser	qutebrowser	*

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:qutebrowser:qutebrowser:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFB39485-955C-49D9-B865-88A021261DEE",
              "versionEndExcluding": "1.3.3",
              "versionStartIncluding": "0.11.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user\u0027s browsing history. This attack appear to be exploitable via the victim must open a page with a specially crafted \u003ctitle\u003e attribute, and then open the qute://history site via the :history command. This vulnerability appears to have been fixed in fixed in v1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7, to be released today) and v1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, released later this week)."
    },
    {
      "lang": "es",
      "value": "La versi\u00f3n de qutebrowser introducida en v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contiene una vulnerabilidad Cross-Site Scripting (XSS) en el comando history en la p\u00e1gina qute://history, que puede resultar en que una p\u00e1gina web puede robar el historial de navegaci\u00f3n del usuario mediante la inyecci\u00f3n de c\u00f3digo JavaScript. Este ataque parece ser explotable si la v\u00edctima abre una p\u00e1gina con un atributo  especialmente manipulado y luego abre el sitio qute://history mediante el comando :history. La vulnerabilidad parece estar solucionada en la versi\u00f3n 1.3.3 (4c9360237f186681b1e3f2a0f30c45161cf405c7 que se publicar\u00e1 hoy) y la 1.4.0 (5a7869f2feaa346853d2a85413d6527c87ef0d9f, publicado despu\u00e9s en esta semana)."
    }
  ],
  "id": "CVE-2018-1000559",
  "lastModified": "2024-11-21T03:40:11.847",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2018-06-26T16:29:02.930",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/qutebrowser/qutebrowser/commit/4c9360237f186681b1e3f2a0f30c45161cf405c7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "https://github.com/qutebrowser/qutebrowser/commit/5a7869f2feaa346853d2a85413d6527c87ef0d9f"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://github.com/qutebrowser/qutebrowser/issues/4011"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2018-1000559 (GCVE-0-2018-1000559)

GSD-2018-1000559

GHSA-M4FW-77V7-924M

PYSEC-2018-26

OPENSUSE-SU-2024:11292-1

FKIE_CVE-2018-1000559

Tags

Sightings

Nomenclature