What is CVE-2020-12755?

CVE-2020-12755 is a low-severity vulnerability in Kde Kio-extras. CVSS score: 3.3/10. Published 2020-05-09.

How severe is CVE-2020-12755?

Low severity. CVSS v3 base score is 3.3 out of 10.

Vulnerability in Kde Kio-extras

CVE-2020-12755

fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.

EPSS: 0.004 (28.8th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 3.3 (Low). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N.

Affected products

Kde Kio-extras
N/a — versions n/a

References

cve@mitre.org (x_refsource_CONFIRM, Patch, Mailing List, Vendor Advisory)

Frequently asked questions

What is CVE-2020-12755?: CVE-2020-12755 is a low-severity vulnerability in Kde Kio-extras. CVSS score: 3.3/10. Published 2020-05-09.
How severe is CVE-2020-12755?: Low severity. CVSS v3 base score is 3.3 out of 10.