{"id":"CVE-2020-6750","details":"GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected.","modified":"2026-05-18T05:51:14.238271997Z","published":"2020-01-09T20:15:11.567Z","related":["openSUSE-SU-2024:10791-1"],"database_specific":{"unresolved_ranges":[{"cpes":["cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*","cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"],"vendor_product":"fedoraproject:fedora","extracted_events":[{"last_affected":"30"},{"last_affected":"31"}],"source":"CPE_FIELD"}]},"references":[{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5RIFEDSRJ4P3WFCMDUOFQ2LEILZLMDW7/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KJMLGW55HOQXHMTIPH2PWXFRBNBWVO4W/"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEM7MMAXMWCDPUH4MTUZ763MBB64RRLJ/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200127-0001/"},{"type":"REPORT","url":"https://bugzilla.suse.com/show_bug.cgi?id=1160668"},{"type":"REPORT","url":"https://gitlab.gnome.org/GNOME/glib/issues/1989"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/gnome/glib","events":[{"introduced":"2edc5aa6dfffec0a48c8a1e9381b73d1096e0489"},{"last_affected":"dac69d7128b3b66ed7007ab944eb629d30f4de4b"}],"database_specific":{"extracted_events":[{"introduced":"2.60.0"},{"last_affected":"2.62.4"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*"}}],"versions":["2.62.4","2.62.3","2.62.2","2.62.1","2.62.0","2.61.3","2.61.2","2.61.1","2.61.0","2.60.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-6750.json"}},{"ranges":[{"type":"GIT","repo":"https://gitlab.gnome.org/gnome/glib","events":[{"introduced":"2edc5aa6dfffec0a48c8a1e9381b73d1096e0489"},{"last_affected":"dac69d7128b3b66ed7007ab944eb629d30f4de4b"}],"database_specific":{"extracted_events":[{"introduced":"2.60.0"},{"last_affected":"2.62.4"}],"source":"CPE_FIELD","cpe":"cpe:2.3:a:gnome:glib:*:*:*:*:*:*:*:*"}}],"versions":["2.62.4","2.62.3","2.62.2","2.62.1","2.62.0","2.61.3","2.61.2","2.61.1","2.61.0","2.60.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-6750.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}