Published: 07/02/2018 Updated: 06/08/2019

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

An issue exists in KDE Plasma Workspace prior to 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote malicious users to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element.

Vulnerable Product	Search on Vulmon	Subscribe to Product
kde plasma-workspace

Synopsis Low: kde-workspace security and bug fix update Type/Severity Security Advisory: Low Topic An update for kde-workspace, kde-settings, kdelibs, kmag, and virtuoso-opensource is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of L ...

An issue was discovered in KDE Plasma Workspace before 5120 dataengines/notifications/notificationsenginecpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element ...

CWE-200 https://www.kde.org/announcements/plasma-5.11.5-5.12.0-changelog.php https://phabricator.kde.org/D10188 https://cgit.kde.org/plasma-workspace.git/commit/?id=8164beac15ea34ec0d1564f0557fe3e742bdd938 https://cgit.kde.org/plasma-workspace.git/commit/?id=5bc696b5abcdb460c1017592e80b2d7f6ed3107c https://access.redhat.com/errata/RHSA-2019:2141 https://access.redhat.com/errata/RHSA-2019:2141 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-6790

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect