GCVE - cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kde:kdegraphics:3.4.3:*:*:*:*:*:*:*

part: a version: 3.4.3 update: *

Vendor	Kde (`d8ba08cf-7ec1-5504-a5b9-f8cfa50ca850`)
Product	Kdegraphics (`c7a2e24f-570b-53b1-9b7d-cb08caab2be1`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:github/kde/kdegraphics`	purl2cpe	2026-06-01 10:14:05.638414

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2006-6297`	vulnerable	2026-06-03 14:27:52.853055	Details available Stack consumption vulnerability in the KFILE JPEG (kfile_jpeg) plugin in kdegraphics 3, as used by konqueror, digikam, and other KDE image browsers, allows remote attackers to cause a denial of service (stack consumption) via a crafted EXIF section in a JPEG file, which results in an infinite recursion. Published: 2006-12-05T11:00:00.000Z Updated: 2024-08-07T20:19:35.204Z Open on db.gcve.eu Reference links http://secunia.com/advisories/23728 http://www.mandriva.com/security/advisories?name=MDKSA-2006:227 http://secunia.com/advisories/23203 http://www.novell.com/linux/security/advisories/2006_73_mono.html http://security.gentoo.org/glsa/glsa-200701-05.xml	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-3626`	vulnerable	2026-06-03 14:27:10.606257	Details available Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference. Published: 2006-01-06T22:00:00.000Z Updated: 2024-08-07T23:17:23.446Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/16143 http://www.debian.org/security/2005/dsa-932 http://secunia.com/advisories/18349 http://secunia.com/advisories/18147 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-3625`	vulnerable	2026-06-03 14:27:10.602327	Details available Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins." Published: 2006-01-06T22:00:00.000Z Updated: 2024-08-07T23:17:23.366Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/16143 http://www.debian.org/security/2005/dsa-932 http://secunia.com/advisories/18349 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9575 http://secunia.com/advisories/18147	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2005-3624`	vulnerable	2026-06-03 14:27:10.530515	Details available The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. Published: 2006-01-06T22:00:00.000Z Updated: 2024-08-07T23:17:23.457Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/16143 http://www.debian.org/security/2005/dsa-932 http://secunia.com/advisories/18349 http://secunia.com/advisories/18147 ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.15/SCOSA-2006.15.txt	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.