CVE-2020-6750

Published: 09/01/2020 | Updated: 07/11/2023
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Summary

GSocketClient in GNOME GLib up to and including 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions prior to 2.60 are unaffected.

Vulnerable Product

gnome glib

fedoraproject fedora 30

fedoraproject fedora 31

Vendor Advisories

Debian Bug report logs - #948554 glib2.0: CVE-2020-6750: Socks5 Proxy: Proxy on a SocketClient set via set_proxy_resolver ignored. Package: src:glib2.0; Maintainer for src:glib2.0 is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Fri ...