[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2018-10840":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":30,"aliases":40,"duplicate_of":9,"upstream":41,"downstream":42,"duplicates":61,"related":62,"reserved_at":9,"published_at":68,"modified_at":69,"state":70,"summary":71,"references_raw":79,"kevs":114,"epss":115,"epss_history":118,"metrics":378,"affected":395},"CVE-2018-10840","Linux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image.",null,[11,20],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-787","Out-of-bounds Write","The product writes data past the end, or before the beginning, of the intended buffer.","weakness","Draft","Base","High",[],{"_key":21,"id":21,"name":22,"description":23,"type":15,"status":16,"abstraction":24,"likelihood_of_exploit":18,"capec":25},"CWE-122","Heap-based Buffer Overflow","A heap overflow condition is a buffer overflow, where the buffer that can be overwritten is allocated in the heap portion of memory, generally meaning that the buffer was allocated using a routine such as malloc().","Variant",[26],{"id":27,"name":28,"techniques":29},"CAPEC-92","Forced Integer Overflow",[],[31],{"_key":32,"name":33,"source":34,"url":35,"maturity":36,"reliability_score":37,"verified":38,"type":9,"platforms":39,"requires_auth":9,"exploitdb":9,"metasploit":9},"REF_A732B5164AAD797B","Exploit Reference (bugzilla.redhat.com)","reference","https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10840","unknown",0.2,false,[],[],[],[43,45,47,49,51,53,55,57,59],{"_key":44},"RHSA-2019:0162",{"_key":46},"MGASA-2018-0324",{"_key":48},"MGASA-2018-0340",{"_key":50},"MGASA-2018-0341",{"_key":52},"UBUNTU-CVE-2018-10840",{"_key":54},"DEBIAN-CVE-2018-10840",{"_key":56},"USN-3752-1",{"_key":58},"USN-3752-2",{"_key":60},"USN-3752-3",[],[63,64,65,66],{"_key":46},{"_key":48},{"_key":50},{"_key":67},"CGA-WX2W-7GQG-C45F","2018-07-16T20:00:00.000Z","2024-08-05T07:46:47.078Z","Modified",{"cisa_kev":38,"cisa_ransomware":38,"cisa_vendor":9,"epss_severity":72,"epss_score":73,"severity":74,"severity_score":75,"severity_version":76,"severity_source":77,"severity_vector":78,"severity_status":70},"low",0.00103,"high",7.2,"v2.0","nvd","AV:L/AC:L/Au:N/C:C/I:C/A:C",[80,88,92,97,104,110],{"url":81,"sources":82,"tags":84},"https://usn.ubuntu.com/3752-2/",[83,77],"cve.org",[85,86,87],"Vendor Advisory","X Refsource UBUNTU","Third Party Advisory",{"url":89,"sources":90,"tags":91},"https://usn.ubuntu.com/3752-3/",[83,77],[85,86,87],{"url":93,"sources":94,"tags":95},"https://access.redhat.com/errata/RHSA-2019:0162",[83,77],[85,96,87],"X Refsource REDHAT",{"url":35,"sources":98,"tags":99},[83,77],[100,101,102,103,87],"X Refsource CONFIRM","Exploit","Issue Tracking","Patch",{"url":105,"sources":106,"tags":107},"http://www.securityfocus.com/bid/104858",[83,77],[108,109,87],"VDB Entry","X Refsource BID",{"url":111,"sources":112,"tags":113},"https://usn.ubuntu.com/3752-1/",[83,77],[85,86,87],[],{"date":116,"score":73,"percentile":117},"2026-06-03",0.27761,[119,122,125,128,131,133,136,139,142,145,148,151,153,156,159,163,166,169,172,175,177,180,183,185,187,189,192,195,198,200,203,206,209,211,214,216,219,222,225,228,231,234,237,240,243,246,249,252,255,258,261,264,266,269,272,275,278,281,284,287,290,293,296,298,301,304,307,310,313,316,319,322,325,327,330,332,336,339,342,345,348,351,354,357,360,363,366,369,372,375],{"date":120,"score":73,"percentile":121},"2025-11-04",0.28845,{"date":123,"score":73,"percentile":124},"2025-11-05",0.28812,{"date":126,"score":73,"percentile":127},"2025-11-06",0.28825,{"date":129,"score":73,"percentile":130},"2025-11-07",0.28822,{"date":132,"score":73,"percentile":130},"2025-11-08",{"date":134,"score":73,"percentile":135},"2025-11-09",0.28793,{"date":137,"score":73,"percentile":138},"2025-11-10",0.28772,{"date":140,"score":73,"percentile":141},"2025-11-11",0.28795,{"date":143,"score":73,"percentile":144},"2025-11-12",0.28844,{"date":146,"score":73,"percentile":147},"2025-11-13",0.28854,{"date":149,"score":73,"percentile":150},"2025-11-14",0.28847,{"date":152,"score":73,"percentile":144},"2025-11-15",{"date":154,"score":73,"percentile":155},"2025-11-16",0.28813,{"date":157,"score":73,"percentile":158},"2025-11-17",0.28797,{"date":160,"score":161,"percentile":162},"2025-11-18",0.00057,0.1351,{"date":164,"score":161,"percentile":165},"2025-11-19",0.13528,{"date":167,"score":161,"percentile":168},"2025-11-20",0.13542,{"date":170,"score":73,"percentile":171},"2025-11-21",0.28834,{"date":173,"score":73,"percentile":174},"2025-11-22",0.28846,{"date":176,"score":73,"percentile":155},"2025-11-23",{"date":178,"score":73,"percentile":179},"2025-11-24",0.28788,{"date":181,"score":73,"percentile":182},"2025-11-25",0.28782,{"date":184,"score":73,"percentile":182},"2025-11-26",{"date":186,"score":73,"percentile":158},"2025-11-27",{"date":188,"score":73,"percentile":138},"2025-11-28",{"date":190,"score":73,"percentile":191},"2025-11-29",0.28763,{"date":193,"score":73,"percentile":194},"2025-11-30",0.28739,{"date":196,"score":73,"percentile":197},"2025-12-01",0.288,{"date":199,"score":73,"percentile":127},"2025-12-02",{"date":201,"score":73,"percentile":202},"2025-12-03",0.28832,{"date":204,"score":73,"percentile":205},"2025-12-04",0.28757,{"date":207,"score":73,"percentile":208},"2025-12-05",0.28794,{"date":210,"score":73,"percentile":135},"2025-12-06",{"date":212,"score":73,"percentile":213},"2025-12-07",0.28762,{"date":215,"score":73,"percentile":138},"2025-12-08",{"date":217,"score":73,"percentile":218},"2025-12-09",0.28829,{"date":220,"score":73,"percentile":221},"2025-12-10",0.28897,{"date":223,"score":73,"percentile":224},"2025-12-11",0.28926,{"date":226,"score":73,"percentile":227},"2025-12-12",0.28946,{"date":229,"score":73,"percentile":230},"2025-12-13",0.28943,{"date":232,"score":73,"percentile":233},"2025-12-14",0.28912,{"date":235,"score":73,"percentile":236},"2025-12-15",0.2888,{"date":238,"score":73,"percentile":239},"2025-12-16",0.28898,{"date":241,"score":73,"percentile":242},"2025-12-17",0.28953,{"date":244,"score":73,"percentile":245},"2025-12-18",0.29,{"date":247,"score":73,"percentile":248},"2025-12-19",0.29008,{"date":250,"score":73,"percentile":251},"2025-12-20",0.28975,{"date":253,"score":73,"percentile":254},"2025-12-21",0.28927,{"date":256,"score":73,"percentile":257},"2025-12-22",0.28892,{"date":259,"score":73,"percentile":260},"2025-12-23",0.28863,{"date":262,"score":73,"percentile":263},"2025-12-24",0.28873,{"date":265,"score":73,"percentile":227},"2025-12-25",{"date":267,"score":73,"percentile":268},"2025-12-26",0.2894,{"date":270,"score":73,"percentile":271},"2025-12-27",0.28934,{"date":273,"score":73,"percentile":274},"2025-12-28",0.28853,{"date":276,"score":73,"percentile":277},"2025-12-29",0.28827,{"date":279,"score":73,"percentile":280},"2025-12-30",0.28823,{"date":282,"score":73,"percentile":283},"2025-12-31",0.28886,{"date":285,"score":73,"percentile":286},"2026-01-01",0.29006,{"date":288,"score":73,"percentile":289},"2026-01-02",0.29004,{"date":291,"score":73,"percentile":292},"2026-01-03",0.28982,{"date":294,"score":73,"percentile":295},"2026-01-04",0.28861,{"date":297,"score":73,"percentile":274},"2026-01-05",{"date":299,"score":73,"percentile":300},"2026-01-06",0.28866,{"date":302,"score":73,"percentile":303},"2026-01-07",0.28896,{"date":305,"score":73,"percentile":306},"2026-01-08",0.28928,{"date":308,"score":73,"percentile":309},"2026-01-09",0.28914,{"date":311,"score":73,"percentile":312},"2026-01-10",0.28901,{"date":314,"score":73,"percentile":315},"2026-01-11",0.28881,{"date":317,"score":73,"percentile":318},"2026-01-12",0.2883,{"date":320,"score":73,"percentile":321},"2026-01-13",0.28809,{"date":323,"score":73,"percentile":324},"2026-01-14",0.28858,{"date":326,"score":73,"percentile":324},"2026-01-15",{"date":328,"score":73,"percentile":329},"2026-01-16",0.28885,{"date":331,"score":73,"percentile":329},"2026-01-17",{"date":333,"score":334,"percentile":335},"2026-01-18",0.00105,0.29308,{"date":337,"score":334,"percentile":338},"2026-01-19",0.29274,{"date":340,"score":334,"percentile":341},"2026-01-20",0.29257,{"date":343,"score":334,"percentile":344},"2026-01-21",0.29202,{"date":346,"score":334,"percentile":347},"2026-01-22",0.2917,{"date":349,"score":334,"percentile":350},"2026-01-23",0.29242,{"date":352,"score":334,"percentile":353},"2026-01-24",0.29239,{"date":355,"score":334,"percentile":356},"2026-01-25",0.29163,{"date":358,"score":334,"percentile":359},"2026-01-26",0.29078,{"date":361,"score":334,"percentile":362},"2026-01-27",0.29062,{"date":364,"score":334,"percentile":365},"2026-01-28",0.29045,{"date":367,"score":334,"percentile":368},"2026-01-29",0.29005,{"date":370,"score":334,"percentile":371},"2026-01-30",0.28994,{"date":373,"score":73,"percentile":374},"2026-01-31",0.28499,{"date":376,"score":73,"percentile":377},"2026-02-01",0.2857,[379,385],{"source":83,"cvss_v2_0":9,"cvss_v3_0":380,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":381,"baseSeverity":382,"vectorString":383,"impactScore":4,"exploitabilityScore":384},5.2,"MEDIUM","CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H",2.3,{"source":77,"cvss_v2_0":386,"cvss_v3_0":389,"cvss_v3_1":390,"cvss_v4_0":9},{"baseScore":75,"baseSeverity":9,"vectorString":78,"impactScore":387,"exploitabilityScore":388},10,3.9,{"baseScore":381,"baseSeverity":382,"vectorString":383,"impactScore":4,"exploitabilityScore":384},{"baseScore":391,"baseSeverity":382,"vectorString":392,"impactScore":393,"exploitabilityScore":394},6.6,"CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",9.8,1.8,[396,407,414,421],{"ecosystem":9,"name":397,"vendor":398,"product":399,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":401},"ubuntu linux","canonical","ubuntu_linux","o",[402,405],{"version":403,"is_range":38,"range_type":404,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"14.04","cpe",{"version":406,"is_range":38,"range_type":404,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"18.04",{"ecosystem":9,"name":408,"vendor":409,"product":408,"cpe_part":410,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":411},"heap-based buffer overflow in fs/ext4/xattr.c","kernel","a",[412],{"version":413,"is_range":38,"range_type":83,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"n/a",{"ecosystem":9,"name":415,"vendor":416,"product":417,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":418},"linux kernel","linux","linux_kernel",[419],{"version":420,"is_range":38,"range_type":404,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"na",{"ecosystem":9,"name":422,"vendor":423,"product":424,"cpe_part":400,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":425},"enterprise linux","redhat","enterprise_linux",[426],{"version":427,"is_range":38,"range_type":404,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"7.0"]