Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-r3v4-hrwm-cxm5

Опубликовано: 05 дек. 2025
Источник: github
Github: Не прошло ревью
CVSS3: 4.7

Описание

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

Ссылки

EPSS

Процентиль: 6%
0.00023
Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2025-32898

Дефекты

CWE-331

Связанные уязвимости

ubuntu логотип

CVE-2025-32898

CVSS3: 4.7
ubuntu
2 месяца назад

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

nvd логотип

CVE-2025-32898

CVSS3: 4.7
nvd
2 месяца назад

The KDE Connect verification-code protocol before 2025-04-18 uses only 8 characters and therefore allows brute-force attacks. This affects KDE Connect before 1.33.0 on Android, KDE Connect before 25.04 on desktop, KDE Connect before 0.5 on iOS, Valent before 1.0.0.alpha.47, and GSConnect before 59.

debian логотип

CVE-2025-32898

CVSS3: 4.7
debian
2 месяца назад

The KDE Connect verification-code protocol before 2025-04-18 uses only ...

EPSS

Процентиль: 6%
0.00023
Низкий

4.7 Medium

CVSS3

CVE ID

CVE-2025-32898

Дефекты

CWE-331