Search for packages
| purl | pkg:deb/debian/kde4libs@4:4.14.2-5 |
| Next non-vulnerable version | 4:4.14.26-2 |
| Latest non-vulnerable version | 4:4.14.26-2 |
| Risk | 10.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-9243-ckwg-aaap
Aliases: CVE-2017-6410 |
kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, or PATH_INFO), which allows remote attackers to obtain sensitive information via a crafted PAC file. |
Affected by 3 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-het3-uz92-aaah
Aliases: CVE-2016-6232 |
Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads. |
Affected by 3 other vulnerabilities. Affected by 0 other vulnerabilities. |
|
VCID-yg6r-axzc-aaar
Aliases: CVE-2017-8422 |
KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root privileges by spoofing a callerID and leveraging a privileged helper app. |
Affected by 3 other vulnerabilities. Affected by 0 other vulnerabilities. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-g6rw-9kg2-aaad | KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-Bus for communication with a polkit authority, which allows local users to bypass intended access restrictions by leveraging a PolkitUnixProcess PolkitSubject race condition via a (1) setuid process or (2) pkexec process, related to CVE-2013-4288 and "PID reuse race conditions." |
CVE-2014-5033
|
| VCID-p5qf-n6du-aaaf | kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.95 before 4.13.3 does not properly generate warning notifications, which allows man-in-the-middle attackers to obtain sensitive information via an invalid certificate. |
CVE-2014-3494
|
| VCID-sygv-yxwa-aaac | kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows attackers to discover credentials via a crafted request that triggers an "internal server error," which includes the username and password in an error message. |
CVE-2013-2074
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2025-06-21T16:42:38.214491+00:00 | Debian Oval Importer | Fixing | VCID-g6rw-9kg2-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T15:29:21.947157+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T14:49:35.002391+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T13:26:51.691969+00:00 | Debian Oval Importer | Fixing | VCID-sygv-yxwa-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T12:30:09.655687+00:00 | Debian Oval Importer | Fixing | VCID-p5qf-n6du-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T11:45:43.833039+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.3 |
| 2025-06-21T10:11:48.534797+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T10:04:19.947899+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T09:49:19.309255+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.3 |
| 2025-06-21T00:41:44.807964+00:00 | Debian Oval Importer | Fixing | VCID-p5qf-n6du-aaaf | None | 36.1.3 |
| 2025-06-20T23:02:05.959837+00:00 | Debian Oval Importer | Fixing | VCID-sygv-yxwa-aaac | None | 36.1.3 |
| 2025-06-20T21:50:33.982735+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | None | 36.1.3 |
| 2025-06-20T19:45:49.082789+00:00 | Debian Oval Importer | Fixing | VCID-g6rw-9kg2-aaad | None | 36.1.3 |
| 2025-06-20T19:38:59.328438+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | None | 36.1.3 |
| 2025-06-20T19:36:34.269934+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | None | 36.1.3 |
| 2025-06-08T09:27:54.975638+00:00 | Debian Oval Importer | Fixing | VCID-g6rw-9kg2-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T08:23:54.474585+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T07:42:57.932788+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T06:20:51.857178+00:00 | Debian Oval Importer | Fixing | VCID-sygv-yxwa-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:29:41.276728+00:00 | Debian Oval Importer | Fixing | VCID-p5qf-n6du-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T05:00:48.669005+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.1.0 |
| 2025-06-08T04:00:49.434121+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:53:28.235177+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-08T03:37:58.678051+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.1.0 |
| 2025-06-07T18:04:19.160627+00:00 | Debian Oval Importer | Fixing | VCID-p5qf-n6du-aaaf | None | 36.1.0 |
| 2025-06-07T16:25:15.155245+00:00 | Debian Oval Importer | Fixing | VCID-sygv-yxwa-aaac | None | 36.1.0 |
| 2025-06-07T15:13:46.073110+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | None | 36.1.0 |
| 2025-06-07T13:37:53.569095+00:00 | Debian Oval Importer | Fixing | VCID-g6rw-9kg2-aaad | None | 36.1.0 |
| 2025-06-07T13:33:14.385434+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | None | 36.1.0 |
| 2025-06-07T13:31:41.059120+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | None | 36.1.0 |
| 2025-04-08T08:00:19.089475+00:00 | Debian Oval Importer | Fixing | VCID-g6rw-9kg2-aaad | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:55:16.322626+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T06:15:26.795043+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:53:09.528328+00:00 | Debian Oval Importer | Fixing | VCID-sygv-yxwa-aaac | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T04:00:56.879334+00:00 | Debian Oval Importer | Fixing | VCID-p5qf-n6du-aaaf | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T03:31:44.192158+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 | 36.0.0 |
| 2025-04-08T02:29:04.384479+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:21:18.765385+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-08T02:05:43.868018+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | https://www.debian.org/security/oval/oval-definitions-jessie.xml.bz2 | 36.0.0 |
| 2025-04-07T16:41:23.285969+00:00 | Debian Oval Importer | Fixing | VCID-p5qf-n6du-aaaf | None | 36.0.0 |
| 2025-04-07T14:57:09.382421+00:00 | Debian Oval Importer | Fixing | VCID-sygv-yxwa-aaac | None | 36.0.0 |
| 2025-04-07T13:45:24.733686+00:00 | Debian Oval Importer | Affected by | VCID-yg6r-axzc-aaar | None | 36.0.0 |
| 2025-04-07T12:13:19.125515+00:00 | Debian Oval Importer | Fixing | VCID-g6rw-9kg2-aaad | None | 36.0.0 |
| 2025-04-07T12:08:40.241077+00:00 | Debian Oval Importer | Affected by | VCID-het3-uz92-aaah | None | 36.0.0 |
| 2025-04-07T12:07:06.297826+00:00 | Debian Oval Importer | Affected by | VCID-9243-ckwg-aaap | None | 36.0.0 |