Unrated severityNVD Advisory· Published Jan 9, 2020· Updated Aug 4, 2024
CVE-2020-6750
CVE-2020-6750
Description
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- GNOME/GLibdescription
- Range: >=2.60 <=2.62.4
Patches
Vulnerability mechanics
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5RIFEDSRJ4P3WFCMDUOFQ2LEILZLMDW7/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMLGW55HOQXHMTIPH2PWXFRBNBWVO4W/mitrevendor-advisoryx_refsource_FEDORA
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEM7MMAXMWCDPUH4MTUZ763MBB64RRLJ/mitrevendor-advisoryx_refsource_FEDORA
- bugzilla.suse.com/show_bug.cgimitrex_refsource_CONFIRM
- gitlab.gnome.org/GNOME/glib/issues/1989mitrex_refsource_MISC
- security.netapp.com/advisory/ntap-20200127-0001/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.