vulnerability

Red Hat: CVE-2018-6790: Low: kde-workspace security and bug fix update (RHSA-2019:2141)

Severity
5
CVSS
(AV:N/AC:L/Au:N/C:P/I:N/A:N)
Published
Feb 7, 2018
Added
Aug 7, 2019
Modified
Mar 3, 2021

Description

An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.

Solution(s)

redhat-upgrade-kcm_colorsredhat-upgrade-kde-settingsredhat-upgrade-kde-settings-ksplashredhat-upgrade-kde-settings-minimalredhat-upgrade-kde-settings-plasmaredhat-upgrade-kde-settings-pulseaudioredhat-upgrade-kde-style-oxygenredhat-upgrade-kde-workspaceredhat-upgrade-kde-workspace-debuginforedhat-upgrade-kde-workspace-develredhat-upgrade-kde-workspace-ksplash-themesredhat-upgrade-kde-workspace-libsredhat-upgrade-kdeclassic-cursor-themeredhat-upgrade-kdelibsredhat-upgrade-kdelibs-apidocsredhat-upgrade-kdelibs-commonredhat-upgrade-kdelibs-debuginforedhat-upgrade-kdelibs-develredhat-upgrade-kdelibs-ktexteditorredhat-upgrade-kgreeter-pluginsredhat-upgrade-khotkeysredhat-upgrade-khotkeys-libsredhat-upgrade-kinfocenterredhat-upgrade-kmagredhat-upgrade-kmag-debuginforedhat-upgrade-kmenueditredhat-upgrade-ksysguardredhat-upgrade-ksysguard-libsredhat-upgrade-ksysguarddredhat-upgrade-kwinredhat-upgrade-kwin-glesredhat-upgrade-kwin-gles-libsredhat-upgrade-kwin-libsredhat-upgrade-libkworkspaceredhat-upgrade-oxygen-cursor-themesredhat-upgrade-plasma-scriptengine-pythonredhat-upgrade-plasma-scriptengine-rubyredhat-upgrade-qt-settingsredhat-upgrade-virtuoso-opensourceredhat-upgrade-virtuoso-opensource-debuginforedhat-upgrade-virtuoso-opensource-utils
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.