Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-3kbw-uxg3-8ugu
Vulnerability ID VCID-3kbw-uxg3-8ugu
Aliases CVE-2018-8778
GHSA-wvhq-ch4h-8pwr
Summary
Status Published
Exploitability None
Weighted Severity None
Risk None
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
System Score Found at
cvssv3 4.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8778.json
epss 0.00537 https://api.first.org/data/v1/epss?cve=CVE-2018-8778
cvssv3 6.5 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3 7.5 https://nvd.nist.gov/vuln/detail/CVE-2018-8778
cvssv3 7.5 https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8778.json
https://api.first.org/data/v1/epss?cve=CVE-2018-8778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17405
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17742
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17790
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000073
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000074
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000075
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000076
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000077
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000078
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000079
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6914
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8777
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8778
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8780
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://nvd.nist.gov/vuln/detail/CVE-2018-8778
https://www.ruby-lang.org/en/news/2018/03/28/buffer-under-read-unpack-cve-2018-8778/
1561953 https://bugzilla.redhat.com/show_bug.cgi?id=1561953
RHSA-2020:1963 https://access.redhat.com/errata/RHSA-2020:1963
RHSA-2020:2212 https://access.redhat.com/errata/RHSA-2020:2212
RHSA-2020:2288 https://access.redhat.com/errata/RHSA-2020:2288
USN-3626-1 https://usn.ubuntu.com/3626-1/
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-8778.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.67786
EPSS Score 0.00537
Published At May 29, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-05-29T09:36:33.068472+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.6/main.json 38.6.0