rpm package
suse/plasma5-workspace&distro=SUSE Package Hub 12 SP3
pkg:rpm/suse/plasma5-workspace&distro=SUSE%20Package%20Hub%2012%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-6791 | Med | 6.8 | < 5.8.7-8.1 | 5.8.7-8.1 | Feb 7, 2018 | An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a poss | |
| CVE-2018-6790 | Med | 5.3 | < 5.8.7-8.1 | 5.8.7-8.1 | Feb 7, 2018 | An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element. |
- affected < 5.8.7-8.1fixed 5.8.7-8.1
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a poss
- affected < 5.8.7-8.1fixed 5.8.7-8.1
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.