CVE-2021-38372
https://notcve.org/view.php?id=CVE-2021-38372
In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS. • https://bugs.kde.org/show_bug.cgi?id=432353 https://nostarttls.secvuln.info • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2021-36083
https://notcve.org/view.php?id=CVE-2021-36083
KDE KImageFormats 5.70.0 through 5.81.0 has a stack-based buffer overflow in XCFImageFormat::loadTileRLE. • https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33742 https://github.com/google/oss-fuzz-vulns/blob/main/vulns/kimageformats/OSV-2021-695.yaml https://invent.kde.org/frameworks/kimageformats/commit/297ed9a2fe339bfe36916b9fce628c3242e5be0f • CWE-787: Out-of-bounds Write •
CVE-2021-31855
https://notcve.org/view.php?id=CVE-2021-31855
KDE Messagelib through 5.17.0 reveals cleartext of encrypted messages in some situations. Deleting an attachment of a decrypted encrypted message stored on a remote server (e.g., an IMAP server) causes KMail to upload the decrypted content of the message to the remote server. With a crafted message, a user could be tricked into decrypting an encrypted message and then deleting an attachment attached to this message. If the attacker has access to the messages stored on the email server, then the attacker could read the decrypted content of the encrypted message. This occurs in ViewerPrivate::deleteAttachment in messageviewer/src/viewer/viewer_p.cpp. • https://github.com/KDE/messagelib/commit/3b5b171e91ce78b966c98b1292a1bcbc8d984799 https://kde.org/info/security/advisory-20210429-1.txt • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2021-28117
https://notcve.org/view.php?id=CVE-2021-28117
libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.) • https://github.com/KDE/discover/commit/fcd3b30552bf03a384b1a16f9bb8db029c111356 https://github.com/KDE/discover/releases https://invent.kde.org/plasma/discover/commit/94478827aab63d2e2321f0ca9ec5553718798e60 https://kde.org/info/security/advisory-20210310-1.txt https://userbase.kde.org/Discover •
CVE-2020-27187
https://notcve.org/view.php?id=CVE-2020-27187
An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. The mount command can then be used to gain full root privileges. • https://bugzilla.redhat.com/show_bug.cgi?id=1890199 https://github.com/KDE/partitionmanager/compare/v4.1.0...v4.2.0 https://kde.org/info/security/advisory-20201017-1.txt https://security.gentoo.org/glsa/202011-03 •