KDE Security Advisories
Reporting
Please send security concerns and findings about software produced by KDE to security@kde.org.
Please send security concerns and findings about software used but not produced by KDE (e.g. gitlab, bugzilla, etc.) to sysadmin@kde.org.
If you are under active threat of interception, and the information you desire to transmit is exceedingly sensitive, you may send it to one of individual team members listed below using PGP, who may then choose to forward the message to other team members or take other appropriate action, as determined by the security team recipient. However, due to time constraints, you are far more likely to receive a prompt response by contacting security@kde.org.
| Name | PGP Key | |
|---|---|---|
| David Edmundson | davidedmundson@kde.org | D07BD8662C56CB291B316EB2F5675605C74E02CF |
| Albert Astals Cid | aacid@kde.org | 8692A42FB1A8B666C51053919D17D97FD8224750 |
| Jason A. Donenfeld | jdonenfeld@kde.org | 3C16CDE0E58B28C80A5A361DC3BD4FF850130054 |
Reported security problems are handled according to the KDE Security Policy.
Advisories
The KDE Security Advisories are crosslinked in the KDE Information Pages of the KDE versions to which they apply to. The listing below is in chronological order.
- 2024-05-31 ksmserver: Unauthorized users can access session manager
- 2024-04-23 konqueror: HTML Thumbnailer automatic remote file access
- 2022-11-29 Ruqola: server info dialog can execute local binary
- 2022-02-16 kcron: Invalid temporary file handling.
- 2022-01-31 KTextEditor/Kate: Missing validation of binaries executed via QProcess.
- 2021-11-18 KMail: Encryption is ignored when "Server requires authentication" not checked in UI.
- 2021-11-18 KMail: Endless loop, if the TLS certificate marked as bad.
- 2021-04-29 KMail: Deleting attachments can disclose content of encrypted messages.
- 2021-03-10 Discover: Missing URI scheme validation.
- 2020-10-17 KDE Partition Manager: kpmcore_externalcommand helper can be exploited in local privilege escalation.
- 2020-10-02 KDE Connect: packet manipulation can be exploited in a Denial of Service attack.
- 2020-08-27 Ark: maliciously crafted TAR archive with symlinks can install files outside the extraction directory.
- 2020-07-30 Ark: maliciously crafted archive can install files outside the extraction directory.
- 2020-05-10 kio_fish stores the typed password in KWallet even if the user doesn't check the "Remember" box.
- 2020-03-12 Okular: Local binary execution via action links.
- 2019-08-07 kconfig: malicious .desktop files (and others) would execute code.
- 2019-07-21 Windows: Incorrect behavior of uninstall.exe.
- 2019-02-09 kauth: Insecure handling of arguments in helpers.
- 2018-11-28 messagelib: HTML email can open browser window automatically.
- 2018-11-12 kio-extras: HTML Thumbnailer automatic remote file access.
- 2018-05-03 kwallet-pam: Access to privileged files.
- 2018-02-08 Plasma Desktop: Arbitrary command execution in the removable device notifier.
- 2018-02-08 Plasma: Notifications can expose user IP address.
- 2017-11-12 Konversation: Crash in IRC message parsing.
- 2017-06-15 KMail: Send Later with Delay bypasses OpenPGP.
- 2017-05-10 smb4k: unauthorized local command execution as root.
- 2017-05-10 kauth: Local privilege escalation.
- 2017-02-28 kio: Information Leak when accessing https when using a malicious PAC file.
- 2017-02-27 ktnef: Directory Traversal.
- 2017-02-14 Kopete: XMPP User Impersonation Vulnerability.
- 2017-01-12 Ark: unintended execution of scripts and executable files.
- 2016-11-14 KDE neon: insecure package archive.
- 2016-10-06 KMail: HTML injection in plain text viewer.
- 2016-10-06 KMail: JavaScript access to local and remote URLs.
- 2016-10-06 KMail: JavaScript execution in HTML Mails.
- 2016-09-30 kdesu: Displayed command truncated by unicode string terminator.
- 2016-07-24 karchive: KNewstuff downloads can install files outside the extraction directory.
- 2016-06-21 kinit: World readable X11 Cookie key logger
- 2016-02-09 Turning all screens off while the lock screen is shown can result in the screen being unlocked when turning a screen on again.
- 2015-01-22 kde-workspace, plasma-workspace: X11 clients can eavesdrop input events while screen is locked
- 2015-01-22 plasma-workspace: Network access from screen locker
- 2015-01-09 kwallet: Fix CBC encryption handling
- 2014-11-13 kwebkitpart, kde-runtime, kio-extras: Insufficient Input Validation
- 2014-11-06 kde-workspace, plasma-desktop: privilage escalation
- 2014-11-04 Konversation out-of-bounds read on a heap-allocated array
- 2014-09-23 krfb multiple security issues in libvncserver
- 2014-08-03 krfb integer overflow
- 2014-07-30 KAuth PID Reuse Flaw
- 2014-06-18 KMail/KIO POP3 SSL MITM Flaw
- 2012-08-10 Calligra and KOffice Input Validation Failure
- 2011-10-03 KSSL and Rekonq Input Validation Failure
- 2011-04-11 Konqueror Partially Universal XSS Vulnerability in Error Pages
- 2010-08-25 Okular PDB Processing Memory Corruption Vulnerability
- 2010-05-13 KGet Directory Traversal and Insecure File Operation Vulnerabilities
- 2010-04-13 KDM Local Privilege Escalation Vulnerability
- 2010-02-17 KRunner lock module race condition
- 2009-10-27 XMLHttpRequest vulnerability and kioslave input validation issues
- 2008-04-26 start_kdeinit multiple vulnerabilities
- 2008-04-26 KHTML PNG Loader Buffer Overflow
- 2007-11-07 kpdf/kword/xpdf multiple xpdf based vulnerabilities
- 2007-09-19 KDM passwordless login vulnerability
- 2007-09-14 Konqueror address bar spoofing
- 2007-07-30 kpdf/kword/xpdf stack based buffer overflow
- 2007-03-26 KIO FTP ioslave PASV vulnerability
- 2007-02-06 KHTML/Konqueror <title> XSS vulnerability
- 2007-01-15 kpdf/kword/xpdf denial of service vulnerability
- 2007-01-09 ksirc denial of service vulnerability
- 2006-12-05 KOffice OLEfilter integer overflow
- 2006-11-29 JPEG-EXIF Meta Information DoS vulnerability
- 2006-06-14 KDM symlink attack vulnerability
- 2006-06-14 artswrapper return value checking vulnerability
- 2006-04-04 Kaffeine http_peek() buffer overflow
- 2006-03-10 kpdf/xpdf heap based buffer overflow
- 2006-02-02 kpdf/xpdf heap based buffer overflow
- 2006-01-19 kjs encodeuri/decodeuri heap overflow vulnerability
- 2006-01-03 kpdf/xpdf multiple integer overflows
- 2005-10-11 KOffice KWord RTF import buffer overflow
- 2005-09-05 kcheckpass local root vulnerability
- 2005-08-15 langen2kvtml tempfile handling vulnerability
- 2005-08-09 kpdf infinite temp file DoS
- 2005-07-21 libgadu multiple vulnerabilities
- 2005-07-18 Kate backup file permission leak
- 2005-05-04 Patch updates for kimgio and Kommander
- 2005-04-21 kimgio input validation errors
- 2005-04-20 Kommander untrusted code execution
- 2005-03-16 Local DCOP denial of service vulnerability
- 2005-03-16 Konqueror International Domain Name Spoofing
- 2005-03-16 Insecure temporary file creation by dcopidlng
- 2005-02-28 kppp Privileged fd Leak Vulnerability
- 2005-02-15 Buffer overflow in fliccd of kdeedu/kstars/indi
- 2005-01-21 Multiple vulnerabilities in Konversation
- 2005-01-20 KOffice PDF import filter buffer overflow (third)
- 2005-01-19 kpdf buffer overflow
- 2005-01-01 ftp kioslave command injection
- 2004-12-23 KOffice PDF importer integer overflow vulnerability
- 2004-12-23 kpdf Buffer Overflow Vulnerability
- 2004-12-20 Konqueror Java Vulnerability
- 2004-12-13 Konqueror Window Injection Vulnerability
- 2004-12-09 kfax libtiff vulnerabilities
- 2004-12-09 plain text password exposure
- 2004-10-30 KOffice PDF importer integer overflow vulnerability
- 2004-10-21 multiple kpdf integer overflows
- 2004-08-23 Konqueror Cross-Domain Cookie Injection
- 2004-08-11 Temporary Directory Vulnerability
- 2004-08-11 DCOPServer Temporary Filename Vulnerability
- 2004-08-11 Konqueror Frame Injection Vulnerability
- 2004-05-17 URI Handler Vulnerabilities
- 2004-01-14 VCF file information reader vulnerability
- 2003-09-16 KDM local root / weak session cookie generation
- 2003-07-29 Konqueror HTTP Authentication credential leak
- 2003-06-02 KDE 2.2 / Konqueror Embedded SSL vulnerability
- 2003-04-09 PS/PDF file handling vulnerability
- 2002-12-20 Multiple KDE vulnerabilities
- 2002-11-11 resLISa / LISa Vulnerabilities
- 2002-11-11 rlogin.protocol and telnet.protocol URL KIO Vulnerability
- 2002-10-08 kpf Directory traversal
- 2002-10-08 KGhostview Arbitrary Code Execution
- 2002-09-08 Konqueror Cross Site Scripting Vulnerability
- 2002-09-08 Secure Cookie Vulnerability
- 2002-08-18 Konqueror SSL vulnerability
- 1998-11-18 KDE Screensaver Vulnerability