What is the vulnerability ID of the GNOME NetworkManager vulnerability?

The vulnerability ID of the GNOME NetworkManager vulnerability is CVE-2018-1000135.

What is the severity of the GNOME NetworkManager vulnerability?

The severity of the GNOME NetworkManager vulnerability is high, with a severity value of 7.5.

What is the affected software of the GNOME NetworkManager vulnerability?

The affected software of the GNOME NetworkManager vulnerability is GNOME NetworkManager version 1.10.2 and earlier, as well as Canonical Ubuntu Linux 16.04.

How can the GNOME NetworkManager vulnerability be fixed?

To fix the GNOME NetworkManager vulnerability, update to a version of GNOME NetworkManager that is later than 1.10.2, and apply any necessary patches or updates provided by the vendor.

Vulnerability/
CVE-2018-1000135

high

7.5

CWE

200

20/3/2018

5/8/2024

CVE-2018-1000135: Infoleak

Q: What is the title of the GNOME NetworkManager vulnerability?

The title of the GNOME NetworkManager vulnerability is 'GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability'.

First published: Tue Mar 20 2018(Updated: )

GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed, but later updates removed the fix. cf. https://bugs.launchpad.net/ubuntu/+bug/1754671 an upstream fix does not appear to be available at this time.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
GNOME NetworkManager	<=1.10.2
Canonical Ubuntu Linux	=16.04

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID of the GNOME NetworkManager vulnerability?
The vulnerability ID of the GNOME NetworkManager vulnerability is CVE-2018-1000135.
What is the title of the GNOME NetworkManager vulnerability?
The title of the GNOME NetworkManager vulnerability is 'GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability'.
What is the severity of the GNOME NetworkManager vulnerability?
The severity of the GNOME NetworkManager vulnerability is high, with a severity value of 7.5.
What is the affected software of the GNOME NetworkManager vulnerability?
The affected software of the GNOME NetworkManager vulnerability is GNOME NetworkManager version 1.10.2 and earlier, as well as Canonical Ubuntu Linux 16.04.
How can the GNOME NetworkManager vulnerability be fixed?
To fix the GNOME NetworkManager vulnerability, update to a version of GNOME NetworkManager that is later than 1.10.2, and apply any necessary patches or updates provided by the vendor.

collector/nvd-index
agent/weakness
agent/severity
agent/author
agent/type
agent/event
agent/references
agent/description
agent/softwarecombine
agent/first-publish-date
agent/last-modified-date
agent/tags
collector/mitre-cve
source/MITRE
vendor/gnome
canonical/gnome networkmanager
version/gnome networkmanager/1.10.2
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/16.04

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.