CVE-2018-11713 -- webkit2gtkID: oval:org.secpod.oval:def:2000016 | Date: (C)2019-05-30 (M)2023-11-09 |
Class: VULNERABILITY | Family: unix |
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection.
Platform: |
Debian 8.x |
Debian 9.x |
Product: |
libwebkit2gtk-4.0-dev |