CVE-2018-19120

Опубликовано: 29 нояб. 2018

Источник: debian

EPSS Низкий

Описание

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
kio-extras	fixed	4:18.08.3-1		package
kio-extras	no-dsa		stretch	package
kde-runtime	removed			package
kde-runtime	ignored		buster	package
kde-runtime	no-dsa		stretch	package
kde-runtime	ignored		jessie	package

Примечания

https://www.kde.org/info/security/advisory-20181012-1.txt

EPSS

Процентиль: 50%

0.00265

Низкий

Связанные уязвимости

CVE-2018-19120

CVSS3: 7.5

ubuntu

около 7 лет назад

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

CVE-2018-19120

CVSS3: 7.5

nvd

около 7 лет назад

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

GHSA-39rp-qwx2-562v

CVSS3: 7.5

github

больше 3 лет назад

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

EPSS

Процентиль: 50%

0.00265

Низкий