MGASA-2018-0189

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2018-0189.html

Import Source

https://advisories.mageia.org/MGASA-2018-0189.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2018-0189

Upstream

CVE-2018-4919

CVE-2018-4920

Published

2018-04-01T08:26:33Z

Modified

2026-04-16T06:25:49.490551289Z

Summary

Updated flash-player-plugin packages fix security vulnerability

Details

It was found that flash versions older than 29.0.0.113 contained a use after free vulnerability that could lead to remote code execution (CVE-2018-4919).

A second vulnerability was a type confusion which could also lead to remote code execution (CVE-2018-4920).

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:6 / flash-player-plugin

Package

Name: flash-player-plugin
Purl: pkg:rpm/mageia/flash-player-plugin?arch=source&distro=mageia-6

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

29.0.0.113-1.mga6.nonfree

Ecosystem specific

{
    "section": "nonfree"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2018-0189.json"