VulnerableCode Package Details - pkg:deb/ubuntu/kde4libs@4:4.14.30-0ubuntu2

Search for packages

Package details: pkg:deb/ubuntu/kde4libs@4:4.14.30-0ubuntu2

Essentials
History (0)

purl	pkg:deb/ubuntu/kde4libs@4:4.14.30-0ubuntu2

Next non-vulnerable version	4:4.14.38-0ubuntu3.1
Latest non-vulnerable version	4:4.14.38-0ubuntu3.1
Risk	4.0

Vulnerabilities affecting this package (2)

Vulnerability	Summary	Fixed by
VCID-ezms-uxg1-aaar Aliases: CVE-2019-14744	In KDE Frameworks KConfig before 5.61.0, malicious desktop files and configuration files lead to code execution with minimal user interaction. This relates to libKF5ConfigCore.so, and the mishandling of .desktop and .directory files, as demonstrated by a shell command on an Icon line in a .desktop file.	4:4.14.38-0ubuntu3.1 Affected by 0 other vulnerabilities.
VCID-het3-uz92-aaah Aliases: CVE-2016-6232	Directory traversal vulnerability in KArchive before 5.24, as used in KDE Frameworks, allows remote attackers to write to arbitrary files via a ../ (dot dot slash) in a filename in an archive file, related to KNewsstuff downloads.	4:4.14.34-0ubuntu2 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version