Lucene search

[email protected]NVD:CVE-2018-19120

HistoryNov 29, 2018 - 9:29 p.m.

CVE-2018-19120

2018-11-2921:29:00

CWE-200

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

55.1%

JSON

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

Affected configurations

Nvd

Node

kdekde_applicationsRange<18.12.0

VendorProductVersionCPE
kdekde_applications*cpe:2.3:a:kde:kde_applications:*:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
kde	kde_applications	*	cpe:2.3:a:kde:kde_applications::::::::

References

bugzilla.redhat.com/show_bug.cgi?id=1649420

lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CWRCGXLPJHM4OFD66BINH2FIMYHRCRKF/

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

EPSS

0.002

Percentile

55.1%

JSON

Related for NVD:CVE-2018-19120

nessus4 openvas4 debiancve1 prion1 fedora3 cvelist1 mageia1 ubuntucve1 redhatcve1 freebsd1 cve1