{ "threat_severity" : "Moderate", "public_date" : "2019-04-10T00:00:00Z", "bugzilla" : { "description" : "webkitgtk: HTTP proxy setting deanonymization information disclosure", "id" : "1709289", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1709289" }, "cvss3" : { "cvss3_base_score" : "6.5", "cvss3_scoring_vector" : "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "status" : "verified" }, "cwe" : "CWE-200", "details" : [ "WebKitGTK and WPE WebKit prior to version 2.24.1 failed to properly apply configured HTTP proxy settings when downloading livestream video (HLS, DASH, or Smooth Streaming), an error resulting in deanonymization. This issue was corrected by changing the way livestreams are downloaded." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2020-09-29T00:00:00Z", "advisory" : "RHSA-2020:4035", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "webkitgtk4-0:2.28.2-2.el7" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "accountsservice-0:0.6.50-7.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "appstream-data-0:8-20190805.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "baobab-0:3.28.0-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "chrome-gnome-shell-0:10.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "evince-0:3.28.4-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "file-roller-0:3.28.1-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gdk-pixbuf2-0:2.36.12-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gdm-1:3.28.3-22.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gjs-0:1.56.2-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-control-center-0:3.28.2-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-desktop3-0:3.32.2-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-remote-desktop-0:0.1.6-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-settings-daemon-0:3.32.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-shell-0:3.32.2-9.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-shell-extensions-0:3.32.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-software-0:3.30.6-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gnome-tweaks-0:3.28.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gsettings-desktop-schemas-0:3.32.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gtk3-0:3.22.30-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "gvfs-0:1.36.2-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mozjs60-0:60.9.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "mutter-0:3.32.2-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "nautilus-0:3.28.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pango-0:1.42.4-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "pidgin-0:2.13.0-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "plymouth-0:0.9.3-15.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "SDL-0:1.2.15-35.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "wayland-protocols-0:1.17-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "webkit2gtk3-0:2.24.3-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "accountsservice-0:0.6.50-7.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "appstream-data-0:8-20190805.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "baobab-0:3.28.0-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "chrome-gnome-shell-0:10.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "evince-0:3.28.4-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "file-roller-0:3.28.1-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gdk-pixbuf2-0:2.36.12-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gdm-1:3.28.3-22.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gjs-0:1.56.2-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-control-center-0:3.28.2-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-desktop3-0:3.32.2-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-remote-desktop-0:0.1.6-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-settings-daemon-0:3.32.0-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-shell-0:3.32.2-9.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-shell-extensions-0:3.32.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-software-0:3.30.6-2.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gnome-tweaks-0:3.28.1-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gsettings-desktop-schemas-0:3.32.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gtk3-0:3.22.30-4.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "gvfs-0:1.36.2-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mozjs60-0:60.9.0-3.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "mutter-0:3.32.2-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "nautilus-0:3.28.1-10.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "pango-0:1.42.4-6.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "pidgin-0:2.13.0-5.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "plymouth-0:0.9.3-15.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "SDL-0:1.2.15-35.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "wayland-protocols-0:1.17-1.el8" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2019-11-05T00:00:00Z", "advisory" : "RHSA-2019:3553", "cpe" : "cpe:/o:redhat:enterprise_linux:8", "package" : "webkit2gtk3-0:2.24.3-1.el8" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 6", "fix_state" : "Out of support scope", "package_name" : "webkitgtk", "cpe" : "cpe:/o:redhat:enterprise_linux:6" }, { "product_name" : "Red Hat Enterprise Linux 7", "fix_state" : "Will not fix", "package_name" : "webkitgtk3", "cpe" : "cpe:/o:redhat:enterprise_linux:7" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2019-11070\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-11070" ], "name" : "CVE-2019-11070", "csaw" : false }