Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-3xvh-uxv2-nyht
Summarylibreoffice: Information disclosure via SMB connection embedded in malicious file
Aliases
0
alias CVE-2018-10583
Fixed_packages
Affected_packages
0
url pkg:rpm/redhat/libreoffice@1:5.3.6.1-19?arch=el7
purl pkg:rpm/redhat/libreoffice@1:5.3.6.1-19?arch=el7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-3xvh-uxv2-nyht
1
vulnerability VCID-jmtk-qy9f-z3hu
2
vulnerability VCID-sqwy-enu1-1uep
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/libreoffice@1:5.3.6.1-19%3Farch=el7
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10583.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-10583.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-10583
reference_id
reference_type
scores
0
value 0.71895
scoring_system epss
scoring_elements 0.9873
published_at 2026-04-01T12:55:00Z
1
value 0.71895
scoring_system epss
scoring_elements 0.98749
published_at 2026-04-24T12:55:00Z
2
value 0.71895
scoring_system epss
scoring_elements 0.98744
published_at 2026-04-16T12:55:00Z
3
value 0.71895
scoring_system epss
scoring_elements 0.98745
published_at 2026-04-18T12:55:00Z
4
value 0.71895
scoring_system epss
scoring_elements 0.98746
published_at 2026-04-21T12:55:00Z
5
value 0.71895
scoring_system epss
scoring_elements 0.98731
published_at 2026-04-02T12:55:00Z
6
value 0.71895
scoring_system epss
scoring_elements 0.98734
published_at 2026-04-04T12:55:00Z
7
value 0.71895
scoring_system epss
scoring_elements 0.98737
published_at 2026-04-07T12:55:00Z
8
value 0.71895
scoring_system epss
scoring_elements 0.98738
published_at 2026-04-09T12:55:00Z
9
value 0.71895
scoring_system epss
scoring_elements 0.98741
published_at 2026-04-12T12:55:00Z
10
value 0.71895
scoring_system epss
scoring_elements 0.98742
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-10583
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10583
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10583
3
reference_url http://seclists.org/fulldisclosure/2020/Oct/26
reference_id
reference_type
scores
url http://seclists.org/fulldisclosure/2020/Oct/26
4
reference_url http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/
reference_id
reference_type
scores
url http://secureyourit.co.uk/wp/2018/05/01/creating-malicious-odt-files/
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/0598708912978b27121b2e380b44a225c706aca882cd1da6a955a0af%40%3Cdev.openoffice.apache.org%3E
7
reference_url https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/6c65f22306c36c95e75f8d2b7f49cfcbeb0a4614245c20934612a39d%40%3Cdev.openoffice.apache.org%3E
8
reference_url https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E
reference_id
reference_type
scores
url https://lists.apache.org/thread.html/c8fd59ac77b42aac90eb5c59b87f3ab59b5e0c3bfb4819aa649a2909%40%3Cdev.openoffice.apache.org%3E
9
reference_url https://security-tracker.debian.org/tracker/CVE-2018-10583
reference_id
reference_type
scores
url https://security-tracker.debian.org/tracker/CVE-2018-10583
10
reference_url https://www.exploit-db.com/exploits/44564/
reference_id
reference_type
scores
url https://www.exploit-db.com/exploits/44564/
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1574998
reference_id 1574998
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1574998
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:4.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:apache:openoffice:4.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:apache:openoffice:4.1.5:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:6.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:libreoffice:libreoffice:6.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:libreoffice:libreoffice:6.0.3:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
22
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/44564.py
reference_id CVE-2018-10583
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/44564.py
23
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-10583
reference_id CVE-2018-10583
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
1
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2018-10583
24
reference_url https://access.redhat.com/errata/RHSA-2018:3054
reference_id RHSA-2018:3054
reference_type
scores
url https://access.redhat.com/errata/RHSA-2018:3054
25
reference_url https://usn.ubuntu.com/3883-1/
reference_id USN-3883-1
reference_type
scores
url https://usn.ubuntu.com/3883-1/
Weaknesses
0
cwe_id 200
name Exposure of Sensitive Information to an Unauthorized Actor
description The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
Exploits
0
date_added 2018-05-02
description LibreOffice/Open Office - '.odt' Information Disclosure
required_action null
due_date null
notes null
known_ransomware_campaign_use false
source_date_published 2018-05-02
exploit_type local
platform windows
source_date_updated 2018-05-02
data_source Exploit-DB
source_url
1
date_added null
description Generates a Malicious ODT File which can be used with auxiliary/server/capture/smb or similar to capture hashes.
required_action null
due_date null
notes 
{}
known_ransomware_campaign_use false
source_date_published 2018-05-01
exploit_type null
platform
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/auxiliary/fileformat/odt_badodt.rb
Severity_range_score4.3 - 7.5
Exploitability2.0
Weighted_severity6.8
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-3xvh-uxv2-nyht