Skip to main content

Kio Extras

2 CVEs product

Monthly

CVE-2020-12755 LOW PATCH Monitor

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Kio Extras
NVD
CVSS 3.1
3.3
EPSS
0.4%
CVE-2014-8600 MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Kwebkitpart Kde Runtime Kio Extras Opensuse
NVD
CVSS 2.0
4.3
EPSS
0.3%
EPSS 0% CVSS 3.3
LOW PATCH Monitor

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity.

Information Disclosure Kio Extras
NVD
EPSS 0% CVSS 4.3
MEDIUM POC PATCH This Month

Multiple cross-site scripting (XSS) vulnerabilities in KDE-Runtime 4.14.3 and earlier, kwebkitpart 1.3.4 and earlier, and kio-extras 5.1.1 and earlier allow remote attackers to inject arbitrary web. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available.

XSS Kwebkitpart Kde Runtime +2
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy