CVE-2020-6750 in GNOME and Fedora Project Products
Published on January 9, 2020
GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected.
Products Associated with CVE-2020-6750
stack.watch emails you whenever new vulnerabilities are published in GNOME Glib or Fedora Project Fedora. Just hit a watch button to start following.
Exploit Probability
EPSS
0.59%
Percentile
68.74%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.