Information on source package kde4libs

Available versions

ReleaseVersion
jessie4:4.14.2-5+deb8u3
stretch4:4.14.26-2+deb9u1
buster4:4.14.38-3

Open issues

BugjessiestretchbusterDescription
CVE-2019-14744fixedfixedvulnerable (no DSA, ignored)In KDE Frameworks KConfig before 5.61.0, malicious desktop files and c ...
CVE-2019-7443vulnerable (no DSA)vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)KDE KAuth before 5.55 allows the passing of parameters with arbitrary ...

Open unimportant issues

BugjessiestretchbusterDescription
TEMP-0568486-B6FCB6vulnerablevulnerablevulnerablebrowser javascript document.write denial-of-service
TEMP-0560108-565B70vulnerablevulnerablevulnerablebrowser-based css info disclosure
CVE-2009-3272vulnerablevulnerablevulnerableStack consumption vulnerability in WebKit.dll in WebKit in Apple Safar ...
CVE-2009-3015vulnerablevulnerablevulnerableQtWeb 3.0 Builds 001 and 003 does not properly block javascript: and d ...
CVE-2009-1724vulnerablevulnerablevulnerableCross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1718vulnerablevulnerablevulnerableWebKit in Apple Safari before 4.0 allows user-assisted remote attacker ...
CVE-2009-1692vulnerablevulnerablevulnerableWebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iP ...

Resolved issues

BugDescription
TEMP-0000000-C3D012multiple missing input sanity checks in KDE
CVE-2017-8422KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to ...
CVE-2017-6410kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 call ...
CVE-2016-6232Directory traversal vulnerability in KArchive before 5.24, as used in ...
CVE-2015-7543aRts 1.5.10 and kdelibs3 3.5.10 and earlier do not properly create tem ...
CVE-2014-5033KDE kdelibs before 4.14 and kauth before 5.1 does not properly use D-B ...
CVE-2014-3494kio/usernotificationhandler.cpp in the POP3 kioslave in kdelibs 4.10.9 ...
CVE-2013-2074kioslave/http/http.cpp in KIO in kdelibs 4.10.3 and earlier allows att ...
CVE-2011-3365The KDE SSL Wrapper (KSSL) API in KDE SC 4.6.0 through 4.7.1, and poss ...
CVE-2011-1168Cross-site scripting (XSS) vulnerability in the KHTMLPart::htmlError f ...
CVE-2011-1094kio/kio/tcpslavebase.cpp in KDE KSSL in kdelibs before 4.6.1 does not ...
CVE-2010-3170Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird bef ...
CVE-2009-3933WebKit before r50173, as used in Google Chrome before 3.0.195.32, allo ...
CVE-2009-3384Multiple unspecified vulnerabilities in WebKit in Apple Safari before ...
CVE-2009-2816The implementation of Cross-Origin Resource Sharing (CORS) in WebKit, ...
CVE-2009-2797The WebKit component in Safari in Apple iPhone OS before 3.1, and iPho ...
CVE-2009-2702KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a ' ...
CVE-2009-2195Buffer overflow in WebKit in Apple Safari before 4.0.3 allows remote a ...
CVE-2009-1725WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, ...
CVE-2009-1715Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...
CVE-2009-1714Cross-site scripting (XSS) vulnerability in Web Inspector in WebKit in ...
CVE-2009-1713The XSLT functionality in WebKit in Apple Safari before 4.0 does not p ...
CVE-2009-1712WebKit in Apple Safari before 4.0 does not prevent remote loading of l ...
CVE-2009-1711WebKit in Apple Safari before 4.0 does not properly initialize memory ...
CVE-2009-1710WebKit in Apple Safari before 4.0 allows remote attackers to spoof the ...
CVE-2009-1709Use-after-free vulnerability in the garbage-collection implementation ...
CVE-2009-1703WebKit in Apple Safari before 4.0 does not prevent references to file: ...
CVE-2009-1702Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1700The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone O ...
CVE-2009-1699The XSL stylesheet implementation in WebKit in Apple Safari before 4.0 ...
CVE-2009-1698WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
CVE-2009-1697CRLF injection vulnerability in WebKit in Apple Safari before 4.0, iPh ...
CVE-2009-1696WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
CVE-2009-1695Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1694WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
CVE-2009-1693WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
CVE-2009-1691Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1690Use-after-free vulnerability in WebKit, as used in Apple Safari before ...
CVE-2009-1689Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1688Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1687The JavaScript garbage collector in WebKit in Apple Safari before 4.0, ...
CVE-2009-1686WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
CVE-2009-1684Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari bef ...
CVE-2009-1681WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iP ...
CVE-2009-0945Array index error in the insertItemBefore method in WebKit, as used in ...
CVE-2009-0689Array index error in the (1) dtoa implementation in dtoa.c (aka pdtoa. ...
CVE-2008-4724Multiple cross-site scripting (XSS) vulnerabilities in Google Chrome 0 ...
CVE-2008-1670Heap-based buffer overflow in the progressive PNG Image loader (decode ...
CVE-2008-0298KHTML WebKit as used in Apple Safari 2.x allows remote attackers to ca ...

Security announcements

DSA / DLADescription
ELA-1058-1kde4libs - security update
DLA-1890-1kde4libs - security update
DLA-952-1kde4libs - security update
DSA-3849-1kde4libs - security update
DSA-3643-1kde4libs - security update
DLA-570-1kde4libs - security update
DLA-76-1kde4libs - security update
DSA-3004-1kde4libs - security update
DSA-1868-1kde4libs - several vulnerabilities
Search for package or bug name: Reporting problems