CVE-2021-28117

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-28117

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-28117.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2021-28117

Related

UBUNTU-CVE-2021-28117

Published

2021-03-20T21:15:11Z

Modified

2024-10-15T20:50:44.114329Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVSS Calculator

Summary

[none]

Details

libdiscover/backends/KNSBackend/KNSResource.cpp in KDE Discover before 5.21.3 automatically creates links to potentially dangerous URLs (that are neither https:// nor http://) based on the content of the store.kde.org web site. (5.18.7 is also a fixed version.)

References

Affected packages

Debian:11 / plasma-discover

Package

Name: plasma-discover
Purl: pkg:deb/debian/plasma-discover?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.20.5-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / plasma-discover

Package

Name: plasma-discover
Purl: pkg:deb/debian/plasma-discover?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.20.5-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / plasma-discover

Package

Name: plasma-discover
Purl: pkg:deb/debian/plasma-discover?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.20.5-3

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/kde/discover

Affected ranges

Type: GIT
Repo: https://github.com/kde/discover
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

fcd3b30552bf03a384b1a16f9bb8db029c111356

Affected versions

v5.*

v5.10.0

v5.10.1

v5.10.2

v5.10.3

v5.10.4

v5.10.5

v5.10.95

v5.11.0

v5.11.1

v5.11.2

v5.11.3

v5.11.4

v5.11.5

v5.11.95

v5.12.0

v5.12.1

v5.12.2

v5.12.3

v5.12.4

v5.12.5

v5.12.5.1

v5.12.6

v5.12.90

v5.13.0

v5.13.1

v5.13.2

v5.13.3

v5.13.4

v5.13.90

v5.14.0

v5.14.1

v5.14.2

v5.14.3

v5.14.4

v5.14.5

v5.14.5.1

v5.14.90

v5.15.0

v5.15.1

v5.15.2

v5.15.3

v5.15.4

v5.15.90

v5.16.0

v5.16.1

v5.16.2

v5.16.3

v5.16.4

v5.16.90

v5.17.0

v5.17.1

v5.17.2

v5.17.3

v5.17.4

v5.17.90

v5.18.0

v5.18.1

v5.18.2

v5.18.3

v5.18.4

v5.18.4.1

v5.18.5

v5.18.6

v5.4.95

v5.5.0

v5.5.1

v5.5.2

v5.5.3

v5.5.4

v5.5.5

v5.5.95

v5.6.0

v5.6.1

v5.6.2

v5.6.3

v5.6.4

v5.6.95

v5.7.0

v5.7.1

v5.7.2

v5.7.3

v5.7.95

v5.8.0

v5.8.1

v5.8.2

v5.8.3

v5.8.4

v5.8.5

v5.8.6

v5.8.95

v5.9.0

v5.9.1

v5.9.2

v5.9.3

v5.9.4

v5.9.95