VYPR

rpm package

suse/kdelibs4&distro=SUSE Package Hub 12 SP2

pkg:rpm/suse/kdelibs4&distro=SUSE%20Package%20Hub%2012%20SP2

Vulnerabilities (3)

  • CVE-2019-14744Aug 7, 2019
    affected < 4.14.38-bp151.9.5.1fixed 4.14.38-bp151.9.5.1

    In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon

  • CVE-2017-8422HigMay 17, 2017
    affected < 4.14.25-8.2fixed 4.14.25-8.2

    KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

  • CVE-2017-6410MedMar 2, 2017
    affected < 4.14.25-5.3fixed 4.14.25-5.3

    kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via