1. CVE-Search
  2. CVE-2020-6750
ID CVE-2020-6750
Summary GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected.
References
Vulnerable Configurations
  • cpe:2.3:a:gnome:glib:2.60.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.4:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.5:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.5:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.6:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.6:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.60.7:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.60.7:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.61.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.61.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.61.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.61.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.61.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.61.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.61.3:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.61.3:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.62.0:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.62.0:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.62.1:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.62.1:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.62.2:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.62.2:*:*:*:*:*:*:*
  • cpe:2.3:a:gnome:glib:2.62.4:*:*:*:*:*:*:*
    cpe:2.3:a:gnome:glib:2.62.4:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
    cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 01-01-2022 - 20:02)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
cvss-vector via4 AV:N/AC:M/Au:N/C:P/I:N/A:N
refmap via4
confirm
fedora
  • FEDORA-2020-092ef6572a
  • FEDORA-2020-339d413324
  • FEDORA-2020-c101a316ab
misc https://gitlab.gnome.org/GNOME/glib/issues/1989
Last major update 01-01-2022 - 20:02
Published 09-01-2020 - 20:15
Last modified 01-01-2022 - 20:02
Back to Top