CVE-2018-10886

Publication date 16 July 2018

Last updated 4 August 2025

Ubuntu priority

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: this candidate is not about any specific product, protocol, or design, that falls into the scope of the assigning CNA. Notes: None

Status

Show unmaintained releases

Package	Ubuntu Release	Status
ant	18.04 LTS bionic	Fixed 1.10.3-1ubuntu0.1
	17.10 artful	Ignored end of life
	16.04 LTS xenial	Fixed 1.9.6-1ubuntu1.1
	14.04 LTS trusty	Fixed 1.9.3-2ubuntu0.1

How can I get the fixes?
What do statuses mean?
Patch details

Patch details

For informational purposes only. We recommend not to cherry-pick updates. How can I get the fixes?

Package	Patch details
ant	Upstream: e56e545 Upstream: 1a2b1e3 Upstream: f72406d Upstream: 857095d Upstream: 6a41d62 Upstream: 5a8c37b

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-3721-1
Apache Ant vulnerability
24 July 2018

Other references

https://snyk.io/research/zip-slip-vulnerability
https://www.cve.org/CVERecord?id=CVE-2018-10886