Medium severity5.3NVD Advisory· Published Feb 7, 2018· Updated Jun 17, 2026
CVE-2018-6790
CVE-2018-6790
Description
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <5.12.0
Patches
Vulnerability mechanics
References
5- cgit.kde.org/plasma-workspace.git/commit/nvdVendor Advisory
- cgit.kde.org/plasma-workspace.git/commit/nvdVendor Advisory
- phabricator.kde.org/D10188nvdIssue TrackingVendor Advisory
- www.kde.org/announcements/plasma-5.11.5-5.12.0-changelog.phpnvdVendor Advisory
- access.redhat.com/errata/RHSA-2019:2141nvd
News mentions
0No linked articles in our index yet.