VulnerableCode Package Details - pkg:deb/ubuntu/kde4libs@4:4.14.16-0ubuntu3.2

Search for packages

Package details: pkg:deb/ubuntu/kde4libs@4:4.14.16-0ubuntu3.2

Essentials
History (0)

purl	pkg:deb/ubuntu/kde4libs@4:4.14.16-0ubuntu3.2

Next non-vulnerable version	4:4.14.38-0ubuntu3.1
Latest non-vulnerable version	4:4.14.38-0ubuntu3.1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-ezms-uxg1-aaar Aliases: CVE-2019-14744	In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.	4:4.14.38-0ubuntu3.1 Affected by 0 other vulnerabilities.
VCID-het3-uz92-aaah Aliases: CVE-2016-6232	Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.	4:4.14.34-0ubuntu2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-yg6r-axzc-aaar	KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app.	CVE-2017-8422

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version