| CVE-2018-10895 |
critical |
— |
9.5 |
|
|
|
8y ago |
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/s… |
| CVE-2021-41146 |
high |
— |
8.0 |
|
|
|
5y ago |
qutebrowser is an open source keyboard-focused browser with a minimal GUI. Starting with qutebrowser v1.7.0, the Windows installer for qutebrowser registers a `qutebrowserurl:` URL handler. With cert… |
| CVE-2018-1000559 |
medium |
— |
5.5 |
|
|
|
8y ago |
qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via… |
| CVE-2020-11054 |
low |
— |
2.5 |
|
|
|
6y ago |
In qutebrowser versions less than 1.11.1, reloading a page with certificate errors shows a green URL. After a certificate error was overridden by the user, qutebrowser displays the URL as yellow (col… |