VYPR

Kauth

by KDE

CVEs (3)

  • CVE-2017-8422HigMay 17, 2017
    risk 0.54cvss 7.8epss 0.02

    KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.

  • CVE-2019-7443May 7, 2019
    risk 0.00cvss epss 0.02

    KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. Certain types can cause crashes, and trigger the decoding of arbitrary images with dynamically loaded plugins. In other words, KAuth…

  • CVE-2014-5033Aug 19, 2014
    risk 0.00cvss epss 0.00

    KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2)…