vulnerability
Ubuntu: (CVE-2018-10380): kwallet-pam vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 7 | (AV:L/AC:L/Au:N/C:C/I:C/A:C) | May 8, 2018 | Jun 26, 2025 | Jun 26, 2025 |
Severity
7
CVSS
(AV:L/AC:L/Au:N/C:C/I:C/A:C)
Published
May 8, 2018
Added
Jun 26, 2025
Modified
Jun 26, 2025
Description
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.
Solution
no-fix-ubuntu-package
References
- CVE-2018-10380
- https://attackerkb.com/topics/CVE-2018-10380
- URL-https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5
- URL-https://commits.kde.org/kwallet-pam/2134dec85ce19d6378d03cddfae9e5e464cb24c0
- URL-https://commits.kde.org/kwallet-pam/802f305d81f8771c4f4a8bd7fd0e368ffc6f9b3b
- URL-https://commits.kde.org/kwallet-pam/99abc7fde21f40cc6da5feb6ee766cc46fcca1f8
- URL-https://www.cve.org/CVERecord?id=CVE-2018-10380
- URL-https://www.kde.org/info/security/advisory-20180503-1.txt
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.