debian · CVE-2018-19120

Quick triage

Priority: not yet assigned Published: Updated: Sun, 12 Jul 2026 15:01:28 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-19120 not yet assigned priority: Debian including 1 source packages (kio-extras), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.

Description:

The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.

cvelogic Threat Intelligence