Kde Okular vulnerabilities
3 known vulnerabilities affecting kde/okular.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2020-9359MEDIUMCVSS 5.3fixed in 1.10.0≥ 19.12.0, < 19.12.32020-03-24
CVE-2020-9359 [MEDIUM] CVE-2020-9359: KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
nvdosv
CVE-2018-1000801MEDIUMCVSS 5.5≤ 18.082018-09-06
CVE-2018-1000801 [MEDIUM] CWE-22 CVE-2018-1000801: okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDoc
okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation. This attack appear to be exploitable via he victim must open a specially crafted Okular archive. This issue appears to have been corrected
nvdosv
CVE-2010-2575MEDIUMCVSS 6.8≥ 0, < 4:4.4.5-22010-08-30
CVE-2010-2575 [MEDIUM] CVE-2010-2575: Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image
Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG function in generators/plucker/inplug/image.cpp in Okular in KDE SC 4.3.0 through 4.5.0 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted image in a
osv