It was found that WebKitGTK+ version performed TLS certificate
verification too late, after sending an HTTP request rather than before.
This issue allows a man-in-the-middle attack to possibly gain sensitive
information.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
any | any | any | webkitgtk2 | < 2.4.9-1 | UNKNOWN |