CVE-2018-10380

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-10380
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10380.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-10380
Downstream
Related
Published
2018-05-08T12:29:00.210Z
Modified
2025-11-14T05:26:51.809600Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.

References

Affected packages

Git / github.com/kde/plasma-workspace

Affected ranges

Type
GIT
Repo
https://github.com/kde/plasma-workspace
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
8b9e471fe578fe68a2118b1f5ce90ffe72dc11dc

Affected versions

v4.*

v4.96.0
v4.97.0
v4.98.0

v5.*

v5.0.0
v5.0.1
v5.0.95
v5.1.0
v5.1.1
v5.1.95
v5.10.0
v5.10.1
v5.10.2
v5.10.3
v5.10.4
v5.10.5
v5.10.95
v5.11.0
v5.11.1
v5.11.2
v5.11.3
v5.11.4
v5.11.5
v5.11.95
v5.12.0
v5.12.1
v5.12.2
v5.12.3
v5.12.4
v5.12.5
v5.2.0
v5.2.1
v5.2.2
v5.2.95
v5.3.0
v5.3.1
v5.3.2
v5.3.95
v5.4.0
v5.4.1
v5.4.2
v5.4.95
v5.5.0
v5.5.1
v5.5.2
v5.5.3
v5.5.4
v5.5.5
v5.5.95
v5.6.0
v5.6.1
v5.6.2
v5.6.3
v5.6.4
v5.7.0
v5.7.1
v5.7.2
v5.7.3
v5.7.4
v5.7.95
v5.8.0
v5.8.1
v5.8.2
v5.8.3
v5.8.4
v5.8.5
v5.8.6
v5.8.7
v5.8.8
v5.8.9
v5.8.95
v5.9.0
v5.9.1
v5.9.2
v5.9.3
v5.9.4
v5.9.5
v5.9.95

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-10380.json"