Search for packages
| purl | pkg:deb/debian/kde4libs@4:4.14.2-5%2Bdeb8u2 |
| Next non-vulnerable version | 4:4.14.26-2 |
| Latest non-vulnerable version | 4:4.14.26-2 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9243-ckwg-aaap
Aliases: CVE-2017-6410 |
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. |
Affected by 0 other vulnerabilities. |
|
VCID-het3-uz92-aaah
Aliases: CVE-2016-6232 |
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. |
Affected by 0 other vulnerabilities. |
|
VCID-yg6r-axzc-aaar
Aliases: CVE-2017-8422 |
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. |
Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-9243-ckwg-aaap | kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. |
CVE-2017-6410
|
| VCID-het3-uz92-aaah | Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. |
CVE-2016-6232
|
| VCID-yg6r-axzc-aaar | KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. |
CVE-2017-8422
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T15:29:21.949659+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:49:35.004908+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:45:43.834614+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:11:48.536728+00:00 | Debian Oval Importer | Fixing | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T10:04:19.949782+00:00 | Debian Oval Importer | Fixing | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:19.312480+00:00 | Debian Oval Importer | Fixing | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-20T22:16:55.069248+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | None | 36.1.3 |
| 2025-06-20T22:09:55.154302+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | None | 36.1.3 |
| 2025-06-20T21:50:33.984487+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | None | 36.1.3 |
| 2025-06-20T19:38:59.330067+00:00 | Debian Oval Importer | Fixing | VCID-het3-uz92-aaah | None | 36.1.3 |
| 2025-06-20T19:36:34.271672+00:00 | Debian Oval Importer | Fixing | VCID-9243-ckwg-aaap | None | 36.1.3 |
| 2025-06-08T08:23:54.476135+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:42:57.934582+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:00:48.670799+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:00:49.435740+00:00 | Debian Oval Importer | Fixing | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:53:28.237020+00:00 | Debian Oval Importer | Fixing | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:37:58.679694+00:00 | Debian Oval Importer | Fixing | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T15:40:57.217581+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | None | 36.1.0 |
| 2025-06-07T15:33:57.148936+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | None | 36.1.0 |
| 2025-06-07T15:13:46.074613+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | None | 36.1.0 |
| 2025-06-07T13:33:14.386975+00:00 | Debian Oval Importer | Fixing | VCID-het3-uz92-aaah | None | 36.1.0 |
| 2025-06-07T13:31:41.060640+00:00 | Debian Oval Importer | Fixing | VCID-9243-ckwg-aaap | None | 36.1.0 |
| 2025-04-08T06:55:16.327407+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:15:26.800075+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:31:44.197410+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:29:04.389906+00:00 | Debian Oval Importer | Fixing | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:21:18.770212+00:00 | Debian Oval Importer | Fixing | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:43.873281+00:00 | Debian Oval Importer | Fixing | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T14:11:50.109347+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | None | 36.0.0 |
| 2025-04-07T14:04:53.012559+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | None | 36.0.0 |
| 2025-04-07T13:45:24.739017+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | None | 36.0.0 |
| 2025-04-07T12:08:40.246495+00:00 | Debian Oval Importer | Fixing | VCID-het3-uz92-aaah | None | 36.0.0 |
| 2025-04-07T12:07:06.304056+00:00 | Debian Oval Importer | Fixing | VCID-9243-ckwg-aaap | None | 36.0.0 |