VYPR

rpm package

suse/plasma5-workspace&distro=SUSE Package Hub 12 SP3

pkg:rpm/suse/plasma5-workspace&distro=SUSE%20Package%20Hub%2012%20SP3

Vulnerabilities (2)

  • CVE-2018-6791MedFeb 7, 2018
    affected < 5.8.7-8.1fixed 5.8.7-8.1

    An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a poss

  • CVE-2018-6790MedFeb 7, 2018
    affected < 5.8.7-8.1fixed 5.8.7-8.1

    An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.