Описание
In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
Ссылки
- https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit?usp=sharingThird Party Advisory
- Third Party Advisory
- Issue Tracking
- Third Party Advisory
- Third Party Advisory
- https://docs.google.com/spreadsheets/d/1Nm7mxfFvmdn-3Az-BtE5O0BIdbJiIAWUnkoAF_v_0ug/edit?usp=sharingThird Party Advisory
- Third Party Advisory
- Issue Tracking
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:opera:opera_browser:51.0.2830.55:*:*:*:*:*:*:*
EPSS
Процентиль: 66%
0.00513
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200
Связанные уязвимости
CVSS3: 4.3
github
больше 3 лет назад
In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.
EPSS
Процентиль: 66%
0.00513
Низкий
4.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
CWE-200