rpm package
suse/kio&distro=SUSE Package Hub 12 SP2
pkg:rpm/suse/kio&distro=SUSE%20Package%20Hub%2012%20SP2
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-6410 | Med | 5.5 | < 5.26.0-5.1 | 5.26.0-5.1 | Mar 2, 2017 | kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via |
- affected < 5.26.0-5.1fixed 5.26.0-5.1
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via