CVE-2022-24986

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-24986

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-24986.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-24986

Downstream

DEBIAN-CVE-2022-24986

UBUNTU-CVE-2022-24986

openSUSE-SU-2024:11881-1

Related

openSUSE-SU-2024:11881-1

Published

2022-02-26T05:15:08Z

Modified

2025-08-09T19:01:28Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

KDE KCron through 21.12.2 uses a temporary file in /tmp when saving, but reuses the filename during an editing session. Thus, someone watching it be created the first time could potentially intercept the file the following time, enabling that person to run unauthorized commands.

References

Affected packages