KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the user:password@host form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Konqueror | Kde | 2.1.1 (including) | 2.1.1 (including) |
| Konqueror | Kde | 2.2.2 (including) | 2.2.2 (including) |
| Konqueror | Kde | 3.0 (including) | 3.0 (including) |
| Konqueror | Kde | 3.0.1 (including) | 3.0.1 (including) |
| Konqueror | Kde | 3.0.2 (including) | 3.0.2 (including) |
| Konqueror | Kde | 3.0.3 (including) | 3.0.3 (including) |
| Konqueror | Kde | 3.0.5 (including) | 3.0.5 (including) |
| Konqueror | Kde | 3.1 (including) | 3.1 (including) |
| Konqueror | Kde | 3.1.1 (including) | 3.1.1 (including) |
| Konqueror | Kde | 3.1.2 (including) | 3.1.2 (including) |
| Konqueror_embedded | Kde | 0.1 (including) | 0.1 (including) |
| Analog_real-time_synthesizer | Redhat | 2.1.1-5 (including) | 2.1.1-5 (including) |
| Analog_real-time_synthesizer | Redhat | 2.2-11 (including) | 2.2-11 (including) |
| Kdebase | Redhat | 3.0.3-13 (including) | 3.0.3-13 (including) |
| Kdelibs | Redhat | 2.1.1-5 (including) | 2.1.1-5 (including) |
| Kdelibs | Redhat | 2.2-11 (including) | 2.2-11 (including) |
| Kdelibs | Redhat | 3.0.0-10 (including) | 3.0.0-10 (including) |
| Kdelibs | Redhat | 3.1-10 (including) | 3.1-10 (including) |
| Kdelibs_devel | Redhat | 2.1.1-5 (including) | 2.1.1-5 (including) |
| Kdelibs_devel | Redhat | 2.2-11 (including) | 2.2-11 (including) |
| Kdelibs_devel | Redhat | 3.0.0-10 (including) | 3.0.0-10 (including) |
| Kdelibs_devel | Redhat | 3.0.3-8 (including) | 3.0.3-8 (including) |
| Kdelibs_devel | Redhat | 3.1-10 (including) | 3.1-10 (including) |
| Kdelibs_sound | Redhat | 2.1.1-5 (including) | 2.1.1-5 (including) |
| Kdelibs_sound | Redhat | 2.2-11 (including) | 2.2-11 (including) |
| Kdelibs_sound_devel | Redhat | 2.1.1-5 (including) | 2.1.1-5 (including) |
| Kdelibs_sound_devel | Redhat | 2.2-11 (including) | 2.2-11 (including) |
| Red Hat Enterprise Linux AS (Advanced Server) version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux ES version 2.1 | RedHat | * | |
| Red Hat Enterprise Linux WS version 2.1 | RedHat | * | |
| Red Hat Linux 7.1 | RedHat | * | |
| Red Hat Linux 7.2 | RedHat | * | |
| Red Hat Linux 7.3 | RedHat | * | |
| Red Hat Linux 8.0 | RedHat | * | |
| Red Hat Linux 9 | RedHat | * | |
| Red Hat Linux Advanced Workstation 2.1 | RedHat | * | |
| Kdelibs | Ubuntu | dapper | * |
| Kdelibs | Ubuntu | devel | * |
| Kdelibs | Ubuntu | edgy | * |
| Kdelibs | Ubuntu | feisty | * |