Vulnerability Details CVE-2019-9633
gio/gsocketclient.c in GNOME GLib 2.59.2 does not ensure that a parent GTask remains alive during the execution of a connection-attempting enumeration, which allows remote attackers to cause a denial of service (g_socket_client_connected_callback mishandling and application crash) via a crafted web site, as demonstrated by GNOME Web (aka Epiphany).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 69.7%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.3
Products affected by CVE-2019-9633
- cpe:2.3:a:gnome:glib:2.59.2