FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-19 19:12:13 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
479df73e-2838-11ef-9cab-4ccc6adda413	plasma[56]-plasma-workspace -- Unauthorized users can access session manager David Edmundson reports: KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager. A well crafted client could use the session restore feature to execute arbitrary code as the user on the next boot. Discovery 2024-05-31 Entry 2024-06-11 plasma5-plasma-workspace < 5.27.11.1 plasma6-plasma-workspace < 6.0.4_2 CVE-2024-36041 https://kde.org/info/security/advisory-20240531-1.txt

VuXML ID

Description

479df73e-2838-11ef-9cab-4ccc6adda413

plasma[56]-plasma-workspace -- Unauthorized users can access session manager

David Edmundson reports:

KSmserver, KDE's XSMP manager, incorrectly allows connections via ICE based purely on the host, allowing all local connections. This allows another user on the same machine to gain access to the session manager.

A well crafted client could use the session restore feature to execute arbitrary code as the user on the next boot.

Discovery 2024-05-31
Entry 2024-06-11
plasma5-plasma-workspace

< 5.27.11.1

plasma6-plasma-workspace

< 6.0.4_2

CVE-2024-36041
https://kde.org/info/security/advisory-20240531-1.txt