{"id":"MGASA-2018-0477","summary":"Updated kio-extras packages fix security vulnerability","details":"The HTML thumbnailer was incorrectly accessing some content of remote\nURLs listed in HTML files. This meant that the owners of the servers\nreferred in HTML files in your system could have seen in their access\nlogs your IP address every time the thumbnailer tried to create the\nthumbnail (CVE-2018-19120).\n","modified":"2026-04-16T06:23:04.231795426Z","published":"2018-12-06T12:10:17Z","upstream":["CVE-2018-19120"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2018-0477.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=23868"},{"type":"ADVISORY","url":"https://www.kde.org/info/security/advisory-20181012-1.txt"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/CWRCGXLPJHM4OFD66BINH2FIMYHRCRKF/"}],"affected":[{"package":{"name":"kio-extras","ecosystem":"Mageia:6","purl":"pkg:rpm/mageia/kio-extras?arch=source&distro=mageia-6"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"17.12.2-4.1.mga6"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2018-0477.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}