Описание
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | kdebase-workspace | Not affected | ||
| Red Hat Enterprise Linux 7 | kdelibs | Fixed | RHSA-2019:2141 | 06.08.2019 |
| Red Hat Enterprise Linux 7 | kde-settings | Fixed | RHSA-2019:2141 | 06.08.2019 |
| Red Hat Enterprise Linux 7 | kde-workspace | Fixed | RHSA-2019:2141 | 06.08.2019 |
| Red Hat Enterprise Linux 7 | kmag | Fixed | RHSA-2019:2141 | 06.08.2019 |
| Red Hat Enterprise Linux 7 | virtuoso-opensource | Fixed | RHSA-2019:2141 | 06.08.2019 |
Показывать по
Дополнительная информация
Статус:
EPSS
4.3 Medium
CVSS3
Связанные уязвимости
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataeng ...
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.
ELSA-2019-2141: kde-workspace security and bug fix update (LOW)
EPSS
4.3 Medium
CVSS3