{"id":"MGASA-2018-0189","summary":"Updated flash-player-plugin packages fix security vulnerability","details":"It was found that flash versions older than 29.0.0.113 contained a use\nafter free vulnerability that could lead to remote code execution\n(CVE-2018-4919).\n\nA second vulnerability was a type confusion which could also lead to\nremote code execution (CVE-2018-4920).\n","modified":"2026-04-16T06:25:49.490551289Z","published":"2018-04-01T08:26:33Z","upstream":["CVE-2018-4919","CVE-2018-4920"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0189.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=22767"},{"type":"WEB","url":"https://helpx.adobe.com/security/products/flash-player/apsb18-05.html"}],"affected":[{"package":{"name":"flash-player-plugin","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"29.0.0.113-1.mga6.nonfree"}]}],"ecosystem_specific":{"section":"nonfree"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0189.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}