CVE-2017-6410
Affected components: KDE kio (kpac/script.cpp) before 5.32 and kde4libs before 4.14.30. Root cause / flaw: PAC FindProxyForURL called with a full HTTPS URL, potentially including Basic Auth credentials, a query string, or PATH_INFO, enabling leakage of sensitive information via crafted PAC files....