MGASA-2020-0416

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2020-0416.html

Import Source

https://advisories.mageia.org/MGASA-2020-0416.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2020-0416

Related

CVE-2020-26164

Published

2020-11-13T21:20:36Z

Modified

2020-11-13T20:35:08Z

Summary

Updated kdeconnect-kde packages fix a security vulnerability

Details

An attacker on your local network could send maliciously crafted packets to other hosts running kdeconnect on the network, causing them to use large amounts of CPU, memory or network connections, which could be used in a Denial of Service attack within the network. (CVE-2020-26164)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:7 / kdeconnect-kde

Package

Name: kdeconnect-kde
Purl: pkg:rpm/mageia/kdeconnect-kde?distro=mageia-7

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.3.4-2.1.mga7

Ecosystem specific

{
    "section": "core"
}