Kde Frameworks vulnerabilities

1 known vulnerability affecting kde/kde_frameworks.

Total CVEs

1

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

HIGH1

Vulnerabilities

Page 1 of 1

CVE-2016-3100HIGHCVSS 8.4≤ 5.22.02016-07-13

CVE-2016-3100 [HIGH] CWE-200 CVE-2016-3100: kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allow kinit in KDE Frameworks before 5.23.0 uses weak permissions (644) for /tmp/xauth-xxx-_y, which allows local users to obtain X11 cookies of other users and consequently capture keystrokes and possibly gain privileges by reading the file.