rpm package
suse/kcoreaddons&distro=SUSE Package Hub 12 SP1
pkg:rpm/suse/kcoreaddons&distro=SUSE%20Package%20Hub%2012%20SP1
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-7443 | — | < 5.45.0-bp150.3.6.2 | 5.45.0-bp150.3.6.2 | May 7, 2019 | KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintenti | ||
| CVE-2016-7966 | Hig | 7.3 | < 5.20.0-6.1 | 5.20.0-6.1 | Dec 23, 2016 | Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTM |
- CVE-2019-7443May 7, 2019affected < 5.45.0-bp150.3.6.2fixed 5.45.0-bp150.3.6.2
KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth unintenti
- affected < 5.20.0-6.1fixed 5.20.0-6.1
Through a malicious URL that contained a quote character it was possible to inject HTML code in KMail's plaintext viewer. Due to the parser used on the URL it was not possible to include the equal sign (=) or a space into the injected HTML, which greatly reduces the available HTM