The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections.
Base Score: 5
Impact Score: 2.9
Exploitability Score: 10
Base Score: 7.5
Impact Score: 3.6
Exploitability Score: 3.9
|118453||openSUSE Security Update : webkit2gtk3 (openSUSE-2018-1288)||Nessus||SuSE Local Security Checks|
|118389||SUSE SLED12 / SLES12 Security Update : webkit2gtk3 (SUSE-SU-2018:3387-1)||Nessus||SuSE Local Security Checks|
|112078||GLSA-201808-04 : WebkitGTK+: Multiple vulnerabilities||Nessus||Gentoo Local Security Checks|