5.3

CVE-2019-11070

WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
WebkitgtkWebkitgtk Version < 2.24.1
WpewebkitWpe Webkit Version < 2.24.1
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.02% 0.832
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 5.3 3.9 1.4
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:P/A:N
https://seclists.org/bugtraq/2019/Apr/21
Third Party Advisory
VDB Entry
Mailing List
https://bugs.webkit.org/show_bug.cgi?id=193718
Third Party Advisory
Issue Tracking