Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/1067653?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "type": "deb", "namespace": "debian", "name": "xwayland", "version": "2:24.1.10-1", "qualifiers": { "distro": "trixie" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46286?format=api", "vulnerability_id": "VCID-1cjg-y5qm-sffh", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4008.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4008.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4008", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22403", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22471", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22514", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22459", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22474", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.2257", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22613", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.224", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22481", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22536", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00074", "scoring_system": "epss", "scoring_elements": "0.22555", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026059", "reference_id": "2026059", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026059" }, { "reference_url": "https://security.archlinux.org/AVG-2636", "reference_id": "AVG-2636", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2636" }, { "reference_url": "https://security.archlinux.org/AVG-2640", "reference_id": "AVG-2640", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2640" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0003", "reference_id": "RHSA-2022:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1917", "reference_id": "RHSA-2022:1917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1917" }, { "reference_url": "https://usn.ubuntu.com/5193-1/", "reference_id": "USN-5193-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-1/" }, { "reference_url": "https://usn.ubuntu.com/5193-2/", "reference_id": "USN-5193-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-2/" }, { "reference_url": "https://usn.ubuntu.com/5193-3/", "reference_id": "USN-5193-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943714?format=api", "purl": "pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4008" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1cjg-y5qm-sffh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59264?format=api", "vulnerability_id": "VCID-1pcv-f5h3-9fe9", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26595.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26595.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26595", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26595" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345257", "reference_id": "2345257", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345257" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26595", "reference_id": "CVE-2025-26595", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26595" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26595" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-1pcv-f5h3-9fe9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46300?format=api", "vulnerability_id": "VCID-28er-gwh3-rugq", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46342.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46342.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33954", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33978", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.3402", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34021", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33989", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.33947", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.3409", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00139", "scoring_system": "epss", "scoring_elements": "0.34059", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35225", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00148", "scoring_system": "epss", "scoring_elements": "0.35239", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071", "reference_id": "1026071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151757", "reference_id": "2151757", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151757" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/", "reference_id": "5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-46342", "reference_id": "CVE-2022-46342", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-46342" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5304", "reference_id": "dsa-5304", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5304" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/", "reference_id": "DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0045", "reference_id": "RHSA-2023:0045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0046", "reference_id": "RHSA-2023:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2257", "reference_id": "RHSA-2023:2257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2830", "reference_id": "RHSA-2023:2830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-1/", "reference_id": "USN-5778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-1/" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/", "reference_id": "Z67QC4C3I2FI2WRFIUPEHKC36J362MLA", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943719?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-46342" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-28er-gwh3-rugq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69421?format=api", "vulnerability_id": "VCID-2cp3-p3yx-17be", "summary": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49180.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49180.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49180", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18079", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17868", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17944", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3612", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36105", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36079", "published_at": "2026-04-13T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49180" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369", "reference_id": "1108369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981", "reference_id": "2369981", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947ea7f4f88e10ec6", "reference_id": "3c3a4b767b16174d3213055947ea7f4f88e10ec6", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947ea7f4f88e10ec6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server", "reference_id": "cpe:/o:redhat:rhel_aus:7.7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49180", "reference_id": "CVE-2025-49180", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49180" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10258", "reference_id": "RHSA-2025:10258", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10342", "reference_id": "RHSA-2025:10342", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10343", "reference_id": "RHSA-2025:10343", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10344", "reference_id": "RHSA-2025:10344", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10346", "reference_id": "RHSA-2025:10346", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10347", "reference_id": "RHSA-2025:10347", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10348", "reference_id": "RHSA-2025:10348", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10349", "reference_id": "RHSA-2025:10349", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10350", "reference_id": "RHSA-2025:10350", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10351", "reference_id": "RHSA-2025:10351", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10352", "reference_id": "RHSA-2025:10352", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10355", "reference_id": "RHSA-2025:10355", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10356", "reference_id": "RHSA-2025:10356", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10356" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10360", "reference_id": "RHSA-2025:10360", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10370", "reference_id": "RHSA-2025:10370", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10374", "reference_id": "RHSA-2025:10374", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10375", "reference_id": "RHSA-2025:10375", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10376", "reference_id": "RHSA-2025:10376", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10377", "reference_id": "RHSA-2025:10377", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10378", "reference_id": "RHSA-2025:10378", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10381", "reference_id": "RHSA-2025:10381", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10410", "reference_id": "RHSA-2025:10410", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9303", "reference_id": "RHSA-2025:9303", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9304", "reference_id": "RHSA-2025:9304", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9305", "reference_id": "RHSA-2025:9305", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9306", "reference_id": "RHSA-2025:9306", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9392", "reference_id": "RHSA-2025:9392", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9964", "reference_id": "RHSA-2025:9964", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9964" }, { "reference_url": "https://usn.ubuntu.com/7573-1/", "reference_id": "USN-7573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-1/" }, { "reference_url": "https://usn.ubuntu.com/7573-2/", "reference_id": "USN-7573-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943726?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49180" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2cp3-p3yx-17be" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69419?format=api", "vulnerability_id": "VCID-2vrb-n6cc-c7bc", "summary": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49178.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49178.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49178", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21634", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21741", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.2178", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21768", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21711", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00071", "scoring_system": "epss", "scoring_elements": "0.21881", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00076", "scoring_system": "epss", "scoring_elements": "0.22897", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41013", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41027", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.41056", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49178" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369", "reference_id": "1108369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977", "reference_id": "2369977", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server", "reference_id": "cpe:/o:redhat:rhel_aus:7.7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49178", "reference_id": "CVE-2025-49178", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49178" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2", "reference_id": "d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10258", "reference_id": "RHSA-2025:10258", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10342", "reference_id": "RHSA-2025:10342", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10343", "reference_id": "RHSA-2025:10343", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10344", "reference_id": "RHSA-2025:10344", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10346", "reference_id": "RHSA-2025:10346", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10347", "reference_id": "RHSA-2025:10347", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10348", "reference_id": "RHSA-2025:10348", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10349", "reference_id": "RHSA-2025:10349", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10350", "reference_id": "RHSA-2025:10350", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10351", "reference_id": "RHSA-2025:10351", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10352", "reference_id": "RHSA-2025:10352", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10355", "reference_id": "RHSA-2025:10355", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10356", "reference_id": "RHSA-2025:10356", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10356" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10360", "reference_id": "RHSA-2025:10360", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10370", "reference_id": "RHSA-2025:10370", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10374", "reference_id": "RHSA-2025:10374", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10375", "reference_id": "RHSA-2025:10375", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10376", "reference_id": "RHSA-2025:10376", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10377", "reference_id": "RHSA-2025:10377", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10378", "reference_id": "RHSA-2025:10378", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10381", "reference_id": "RHSA-2025:10381", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10410", "reference_id": "RHSA-2025:10410", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9303", "reference_id": "RHSA-2025:9303", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9304", "reference_id": "RHSA-2025:9304", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9305", "reference_id": "RHSA-2025:9305", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9306", "reference_id": "RHSA-2025:9306", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9392", "reference_id": "RHSA-2025:9392", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9964", "reference_id": "RHSA-2025:9964", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9964" }, { "reference_url": "https://www.x.org/wiki/Development/Security/", "reference_id": "Security", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/" } ], "url": "https://www.x.org/wiki/Development/Security/" }, { "reference_url": "https://usn.ubuntu.com/7573-1/", "reference_id": "USN-7573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-1/" }, { "reference_url": "https://usn.ubuntu.com/7573-2/", "reference_id": "USN-7573-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943726?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49178" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2vrb-n6cc-c7bc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59267?format=api", "vulnerability_id": "VCID-37e1-pzxj-2fdt", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26598.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26598.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26598", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06135", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06185", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06177", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06173", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06165", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06123", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06106", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00023", "scoring_system": "epss", "scoring_elements": "0.06148", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20528", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00066", "scoring_system": "epss", "scoring_elements": "0.20468", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26598" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345254", "reference_id": "2345254", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345254" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26598", "reference_id": "CVE-2025-26598", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26598" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26598" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-37e1-pzxj-2fdt" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267381?format=api", "vulnerability_id": "VCID-3f4a-m4rt-qqej", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34002", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34002" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-34002" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3f4a-m4rt-qqej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59265?format=api", "vulnerability_id": "VCID-41cd-s77z-6bcc", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26596.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26596.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26596", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26596" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345256", "reference_id": "2345256", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345256" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26596", "reference_id": "CVE-2025-26596", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26596" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26596" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-41cd-s77z-6bcc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46298?format=api", "vulnerability_id": "VCID-44yr-b94s-nfd5", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78262", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78293", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78275", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78301", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78307", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78333", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78316", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0113", "scoring_system": "epss", "scoring_elements": "0.78309", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01202", "scoring_system": "epss", "scoring_elements": "0.78952", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01202", "scoring_system": "epss", "scoring_elements": "0.78955", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071", "reference_id": "1026071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151755", "reference_id": "2151755", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151755" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0045", "reference_id": "RHSA-2023:0045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0046", "reference_id": "RHSA-2023:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2257", "reference_id": "RHSA-2023:2257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2830", "reference_id": "RHSA-2023:2830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-1/", "reference_id": "USN-5778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-1/" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943719?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-46340" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-44yr-b94s-nfd5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41834?format=api", "vulnerability_id": "VCID-4ngr-6ccu-r7fv", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31083.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31083.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31083", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27902", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27995", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27952", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27893", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28048", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.28089", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27884", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27951", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00101", "scoring_system": "epss", "scoring_elements": "0.27992", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31083" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000", "reference_id": "2272000", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2272000" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-31083", "reference_id": "CVE-2024-31083", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-31083" }, { "reference_url": "https://security.gentoo.org/glsa/202411-08", "reference_id": "GLSA-202411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1785", "reference_id": "RHSA-2024:1785", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2036", "reference_id": "RHSA-2024:2036", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2037", "reference_id": "RHSA-2024:2037", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2038", "reference_id": "RHSA-2024:2038", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2039", "reference_id": "RHSA-2024:2039", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2039" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2040", "reference_id": "RHSA-2024:2040", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2041", "reference_id": "RHSA-2024:2041", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2042", "reference_id": "RHSA-2024:2042", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2080", "reference_id": "RHSA-2024:2080", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2616", "reference_id": "RHSA-2024:2616", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3258", "reference_id": "RHSA-2024:3258", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3261", "reference_id": "RHSA-2024:3261", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3343", "reference_id": "RHSA-2024:3343", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9093", "reference_id": "RHSA-2024:9093", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9122", "reference_id": "RHSA-2024:9122", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6721-1/", "reference_id": "USN-6721-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6721-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943724?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31083" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-4ngr-6ccu-r7fv" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59271?format=api", "vulnerability_id": "VCID-515f-a8yj-4fej", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26600.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26600.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26600", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26600" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345252", "reference_id": "2345252", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345252" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26600", "reference_id": "CVE-2025-26600", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26600" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26600" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-515f-a8yj-4fej" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49329?format=api", "vulnerability_id": "VCID-5awx-j7z7-qyak", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00017", "scoring_system": "epss", "scoring_elements": "0.04147", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04857", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04874", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00019", "scoring_system": "epss", "scoring_elements": "0.04831", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06496", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06491", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06473", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06484", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06409", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00024", "scoring_system": "epss", "scoring_elements": "0.06453", "published_at": "2026-04-08T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689", "reference_id": "2257689", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257689" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-0408", "reference_id": "CVE-2024-0408", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-0408" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0320", "reference_id": "RHSA-2024:0320", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://usn.ubuntu.com/6587-1/", "reference_id": "USN-6587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-1/" }, { "reference_url": "https://usn.ubuntu.com/6587-2/", "reference_id": "USN-6587-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-2/" }, { "reference_url": "https://usn.ubuntu.com/6587-5/", "reference_id": "USN-6587-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943723?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0408" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "5.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-5awx-j7z7-qyak" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59266?format=api", "vulnerability_id": "VCID-6hwh-7tvr-sqgn", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26597.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26597.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26597", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26597" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345255", "reference_id": "2345255", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345255" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26597", "reference_id": "CVE-2025-26597", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26597" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26597" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hwh-7tvr-sqgn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46290?format=api", "vulnerability_id": "VCID-6qsh-kaxk-zuf9", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4011.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4011.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4011", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12368", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12282", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.1246", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12422", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12381", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12476", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12518", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12324", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12404", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00041", "scoring_system": "epss", "scoring_elements": "0.12455", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4011" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026074", "reference_id": "2026074", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026074" }, { "reference_url": "https://security.archlinux.org/AVG-2636", "reference_id": "AVG-2636", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2636" }, { "reference_url": "https://security.archlinux.org/AVG-2640", "reference_id": "AVG-2640", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2640" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0003", "reference_id": "RHSA-2022:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1917", "reference_id": "RHSA-2022:1917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1917" }, { "reference_url": "https://usn.ubuntu.com/5193-1/", "reference_id": "USN-5193-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-1/" }, { "reference_url": "https://usn.ubuntu.com/5193-2/", "reference_id": "USN-5193-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-2/" }, { "reference_url": "https://usn.ubuntu.com/5193-3/", "reference_id": "USN-5193-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943714?format=api", "purl": "pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4011" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6qsh-kaxk-zuf9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49328?format=api", "vulnerability_id": "VCID-6rcq-qxef-nuf7", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55161", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55137", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55119", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55158", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55096", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.5512", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55095", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55145", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00321", "scoring_system": "epss", "scoring_elements": "0.55157", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690", "reference_id": "2256690", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256690" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-0229", "reference_id": "CVE-2024-0229", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-0229" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0320", "reference_id": "RHSA-2024:0320", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0557", "reference_id": "RHSA-2024:0557", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0558", "reference_id": "RHSA-2024:0558", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0597", "reference_id": "RHSA-2024:0597", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0607", "reference_id": "RHSA-2024:0607", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0614", "reference_id": "RHSA-2024:0614", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0617", "reference_id": "RHSA-2024:0617", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0617" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0621", "reference_id": "RHSA-2024:0621", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0626", "reference_id": "RHSA-2024:0626", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0629", "reference_id": "RHSA-2024:0629", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6587-1/", "reference_id": "USN-6587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-1/" }, { "reference_url": "https://usn.ubuntu.com/6587-2/", "reference_id": "USN-6587-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-2/" }, { "reference_url": "https://usn.ubuntu.com/6587-5/", "reference_id": "USN-6587-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943723?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0229" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6rcq-qxef-nuf7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59269?format=api", "vulnerability_id": "VCID-7nax-5yw9-eye8", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345253", "reference_id": "2345253", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345253" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26599", "reference_id": "CVE-2025-26599", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26599" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26599" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-7nax-5yw9-eye8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41832?format=api", "vulnerability_id": "VCID-9cjy-6fj5-r7ag", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31081.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31081.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31081", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31456", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3148", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31443", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31436", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31517", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31522", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998", "reference_id": "2271998", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271998" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-31081", "reference_id": "CVE-2024-31081", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-31081" }, { "reference_url": "https://security.gentoo.org/glsa/202411-08", "reference_id": "GLSA-202411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1785", "reference_id": "RHSA-2024:1785", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2036", "reference_id": "RHSA-2024:2036", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2037", "reference_id": "RHSA-2024:2037", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2038", "reference_id": "RHSA-2024:2038", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2039", "reference_id": "RHSA-2024:2039", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2039" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2040", "reference_id": "RHSA-2024:2040", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2041", "reference_id": "RHSA-2024:2041", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2042", "reference_id": "RHSA-2024:2042", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2080", "reference_id": "RHSA-2024:2080", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2616", "reference_id": "RHSA-2024:2616", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3258", "reference_id": "RHSA-2024:3258", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3261", "reference_id": "RHSA-2024:3261", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3343", "reference_id": "RHSA-2024:3343", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9093", "reference_id": "RHSA-2024:9093", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9122", "reference_id": "RHSA-2024:9122", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6721-1/", "reference_id": "USN-6721-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6721-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943724?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31081" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9cjy-6fj5-r7ag" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46302?format=api", "vulnerability_id": "VCID-a4bk-m98g-93f8", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46344.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46344.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75711", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75742", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75721", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75756", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75767", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75791", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00908", "scoring_system": "epss", "scoring_elements": "0.75772", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76622", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00966", "scoring_system": "epss", "scoring_elements": "0.76618", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46344" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071", "reference_id": "1026071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151760", "reference_id": "2151760", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151760" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0045", "reference_id": "RHSA-2023:0045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0046", "reference_id": "RHSA-2023:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2257", "reference_id": "RHSA-2023:2257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2830", "reference_id": "RHSA-2023:2830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-1/", "reference_id": "USN-5778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-1/" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943719?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-46344" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-a4bk-m98g-93f8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51244?format=api", "vulnerability_id": "VCID-bv8h-xa48-hbh7", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2319.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2319.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2319", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10138", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10289", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10222", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10287", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10183", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10257", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10319", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10349", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00035", "scoring_system": "epss", "scoring_elements": "0.10308", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903", "reference_id": "1014903", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106671", "reference_id": "2106671", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106671" }, { "reference_url": "https://security.archlinux.org/AVG-2770", "reference_id": "AVG-2770", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2770" }, { "reference_url": "https://security.gentoo.org/glsa/202210-30", "reference_id": "GLSA-202210-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5905", "reference_id": "RHSA-2022:5905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7583", "reference_id": "RHSA-2022:7583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8221", "reference_id": "RHSA-2022:8221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8222", "reference_id": "RHSA-2022:8222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8222" }, { "reference_url": "https://usn.ubuntu.com/5510-1/", "reference_id": "USN-5510-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5510-1/" }, { "reference_url": "https://usn.ubuntu.com/5510-2/", "reference_id": "USN-5510-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5510-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943717?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2319" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8h-xa48-hbh7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46294?format=api", "vulnerability_id": "VCID-bvay-s9w4-muf8", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3551.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3551.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3551", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73079", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73099", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73073", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73109", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73123", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73148", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73127", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73121", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73164", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00749", "scoring_system": "epss", "scoring_elements": "0.73174", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3551" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140701", "reference_id": "2140701", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140701" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8491", "reference_id": "RHSA-2022:8491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://usn.ubuntu.com/5740-1/", "reference_id": "USN-5740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943718?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3551" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-bvay-s9w4-muf8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46297?format=api", "vulnerability_id": "VCID-e7w3-3hpm-hbec", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4283.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4283.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39109", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39146", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39135", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39118", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39144", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39063", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39121", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00176", "scoring_system": "epss", "scoring_elements": "0.39089", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40554", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00187", "scoring_system": "epss", "scoring_elements": "0.40585", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071", "reference_id": "1026071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151761", "reference_id": "2151761", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151761" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/", "reference_id": "5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-4283", "reference_id": "CVE-2022-4283", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-4283" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5304", "reference_id": "dsa-5304", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5304" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/", "reference_id": "DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0045", "reference_id": "RHSA-2023:0045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0046", "reference_id": "RHSA-2023:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2257", "reference_id": "RHSA-2023:2257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2830", "reference_id": "RHSA-2023:2830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-1/", "reference_id": "USN-5778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-1/" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/", "reference_id": "Z67QC4C3I2FI2WRFIUPEHKC36J362MLA", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943719?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-4283" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e7w3-3hpm-hbec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66662?format=api", "vulnerability_id": "VCID-e9px-edn1-tufs", "summary": "xorg: xmayland: Use-after-free in XPresentNotify structure creation", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62229.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62229.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62229", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01109", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01112", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01118", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0001", "scoring_system": "epss", "scoring_elements": "0.01124", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02624", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02607", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02615", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02664", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.0264", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00014", "scoring_system": "epss", "scoring_elements": "0.02626", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402649", "reference_id": "2402649", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402649" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-62229", "reference_id": "CVE-2025-62229", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-62229" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19432", "reference_id": "RHSA-2025:19432", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19433", "reference_id": "RHSA-2025:19433", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19434", "reference_id": "RHSA-2025:19434", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19435", "reference_id": "RHSA-2025:19435", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19489", "reference_id": "RHSA-2025:19489", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19623", "reference_id": "RHSA-2025:19623", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19909", "reference_id": "RHSA-2025:19909", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20958", "reference_id": "RHSA-2025:20958", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20960", "reference_id": "RHSA-2025:20960", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20961", "reference_id": "RHSA-2025:20961", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21035", "reference_id": "RHSA-2025:21035", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22040", "reference_id": "RHSA-2025:22040", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22041", "reference_id": "RHSA-2025:22041", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22051", "reference_id": "RHSA-2025:22051", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22055", "reference_id": "RHSA-2025:22055", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22056", "reference_id": "RHSA-2025:22056", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22077", "reference_id": "RHSA-2025:22077", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22096", "reference_id": "RHSA-2025:22096", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22164", "reference_id": "RHSA-2025:22164", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22167", "reference_id": "RHSA-2025:22167", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22364", "reference_id": "RHSA-2025:22364", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22365", "reference_id": "RHSA-2025:22365", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22426", "reference_id": "RHSA-2025:22426", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22427", "reference_id": "RHSA-2025:22427", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22667", "reference_id": "RHSA-2025:22667", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22729", "reference_id": "RHSA-2025:22729", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22742", "reference_id": "RHSA-2025:22742", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22753", "reference_id": "RHSA-2025:22753", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0031", "reference_id": "RHSA-2026:0031", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0033", "reference_id": "RHSA-2026:0033", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0034", "reference_id": "RHSA-2026:0034", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0035", "reference_id": "RHSA-2026:0035", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0036", "reference_id": "RHSA-2026:0036", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0036" }, { "reference_url": "https://usn.ubuntu.com/7846-1/", "reference_id": "USN-7846-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7846-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-62229" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-e9px-edn1-tufs" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/51245?format=api", "vulnerability_id": "VCID-em7x-adw1-tyaz", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2320.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2320.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2320", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.1845", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18499", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18441", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18692", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18747", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18463", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18543", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18596", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18599", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00059", "scoring_system": "epss", "scoring_elements": "0.18552", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-2320" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903", "reference_id": "1014903", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106683", "reference_id": "2106683", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2106683" }, { "reference_url": "https://security.archlinux.org/AVG-2770", "reference_id": "AVG-2770", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2770" }, { "reference_url": "https://security.gentoo.org/glsa/202210-30", "reference_id": "GLSA-202210-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202210-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:5905", "reference_id": "RHSA-2022:5905", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:5905" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:7583", "reference_id": "RHSA-2022:7583", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:7583" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8221", "reference_id": "RHSA-2022:8221", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8221" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8222", "reference_id": "RHSA-2022:8222", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8222" }, { "reference_url": "https://usn.ubuntu.com/5510-1/", "reference_id": "USN-5510-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5510-1/" }, { "reference_url": "https://usn.ubuntu.com/5510-2/", "reference_id": "USN-5510-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5510-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943717?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-2320" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-em7x-adw1-tyaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46289?format=api", "vulnerability_id": "VCID-fcac-qzvs-rfa8", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4010.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4010.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4010", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23318", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23375", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23417", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23362", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.2338", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23492", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23528", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23312", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23384", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23435", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00079", "scoring_system": "epss", "scoring_elements": "0.23455", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026073", "reference_id": "2026073", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026073" }, { "reference_url": "https://security.archlinux.org/AVG-2636", "reference_id": "AVG-2636", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2636" }, { "reference_url": "https://security.archlinux.org/AVG-2640", "reference_id": "AVG-2640", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2640" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0003", "reference_id": "RHSA-2022:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1917", "reference_id": "RHSA-2022:1917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1917" }, { "reference_url": "https://usn.ubuntu.com/5193-1/", "reference_id": "USN-5193-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943714?format=api", "purl": "pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4010" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fcac-qzvs-rfa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49330?format=api", "vulnerability_id": "VCID-fgnr-h7rm-83d4", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00015", "scoring_system": "epss", "scoring_elements": "0.03005", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04809", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04757", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0478", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04803", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.0482", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04858", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04875", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04852", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00018", "scoring_system": "epss", "scoring_elements": "0.04829", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690", "reference_id": "2257690", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257690" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-0409", "reference_id": "CVE-2024-0409", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-0409" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0320", "reference_id": "RHSA-2024:0320", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://usn.ubuntu.com/6587-1/", "reference_id": "USN-6587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-1/" }, { "reference_url": "https://usn.ubuntu.com/6587-2/", "reference_id": "USN-6587-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943723?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-0409" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-fgnr-h7rm-83d4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59273?format=api", "vulnerability_id": "VCID-hkrr-v71f-xqdb", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26601.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26601.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26601", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26601" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345251", "reference_id": "2345251", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345251" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26601", "reference_id": "CVE-2025-26601", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26601" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26601" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hkrr-v71f-xqdb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267379?format=api", "vulnerability_id": "VCID-hxab-xyu1-xkgc", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34000", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34000" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-34000" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hxab-xyu1-xkgc" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49332?format=api", "vulnerability_id": "VCID-j6qd-r6ua-cfbm", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4934", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49344", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49268", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49296", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49304", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49301", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21886" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256542", "reference_id": "2256542", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256542" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-21886", "reference_id": "CVE-2024-21886", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-21886" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0320", "reference_id": "RHSA-2024:0320", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0557", "reference_id": "RHSA-2024:0557", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0558", "reference_id": "RHSA-2024:0558", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0597", "reference_id": "RHSA-2024:0597", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0607", "reference_id": "RHSA-2024:0607", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0614", "reference_id": "RHSA-2024:0614", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0617", "reference_id": "RHSA-2024:0617", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0617" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0621", "reference_id": "RHSA-2024:0621", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0626", "reference_id": "RHSA-2024:0626", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0629", "reference_id": "RHSA-2024:0629", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6587-1/", "reference_id": "USN-6587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-1/" }, { "reference_url": "https://usn.ubuntu.com/6587-2/", "reference_id": "USN-6587-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-2/" }, { "reference_url": "https://usn.ubuntu.com/6587-5/", "reference_id": "USN-6587-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943723?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21886" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6qd-r6ua-cfbm" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46299?format=api", "vulnerability_id": "VCID-jrx7-pbf3-h3at", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46341.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46341.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78113", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01181", "scoring_system": "epss", "scoring_elements": "0.78778", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01181", "scoring_system": "epss", "scoring_elements": "0.7878", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071", "reference_id": "1026071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151756", "reference_id": "2151756", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151756" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/", "reference_id": "5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-46341", "reference_id": "CVE-2022-46341", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-46341" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5304", "reference_id": "dsa-5304", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5304" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/", "reference_id": "DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0045", "reference_id": "RHSA-2023:0045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0046", "reference_id": "RHSA-2023:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2257", "reference_id": "RHSA-2023:2257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2830", "reference_id": "RHSA-2023:2830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-1/", "reference_id": "USN-5778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-1/" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/", "reference_id": "Z67QC4C3I2FI2WRFIUPEHKC36J362MLA", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943719?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-46341" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jrx7-pbf3-h3at" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41830?format=api", "vulnerability_id": "VCID-juet-bb4m-hkhq", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9632.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9632.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9632", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17769", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17866", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17817", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17759", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17991", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18045", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17745", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17833", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17895", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1791", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-9632" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244", "reference_id": "1086244", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086245", "reference_id": "1086245", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086245" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317233", "reference_id": "2317233", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2317233" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-9632", "reference_id": "CVE-2024-9632", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-9632" }, { "reference_url": "https://security.gentoo.org/glsa/202411-08", "reference_id": "GLSA-202411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:10090", "reference_id": "RHSA-2024:10090", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:10090" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:8798", "reference_id": "RHSA-2024:8798", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:8798" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9540", "reference_id": "RHSA-2024:9540", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9540" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9579", "reference_id": "RHSA-2024:9579", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9579" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9601", "reference_id": "RHSA-2024:9601", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9601" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9690", "reference_id": "RHSA-2024:9690", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9690" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9816", "reference_id": "RHSA-2024:9816", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9816" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9818", "reference_id": "RHSA-2024:9818", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9818" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9819", "reference_id": "RHSA-2024:9819", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9819" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9820", "reference_id": "RHSA-2024:9820", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9820" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9901", "reference_id": "RHSA-2024:9901", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9901" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7085-1/", "reference_id": "USN-7085-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7085-1/" }, { "reference_url": "https://usn.ubuntu.com/7085-2/", "reference_id": "USN-7085-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7085-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943725?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-9632" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-juet-bb4m-hkhq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46292?format=api", "vulnerability_id": "VCID-m2hp-k4c4-m3db", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3550.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3550.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3550", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61403", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61431", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61401", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61448", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61464", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61485", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61471", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61453", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61492", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00412", "scoring_system": "epss", "scoring_elements": "0.61496", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-3550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140698", "reference_id": "2140698", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2140698" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:8491", "reference_id": "RHSA-2022:8491", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:8491" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://usn.ubuntu.com/5740-1/", "reference_id": "USN-5740-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5740-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943718?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.5-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.5-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-3550" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-m2hp-k4c4-m3db" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69418?format=api", "vulnerability_id": "VCID-may9-9sdj-cbbd", "summary": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49177.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49177.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49177", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09301", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09325", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09409", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09438", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09424", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09377", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00032", "scoring_system": "epss", "scoring_elements": "0.09389", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24987", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24983", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00087", "scoring_system": "epss", "scoring_elements": "0.24995", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49177" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369", "reference_id": "1108369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369955", "reference_id": "2369955", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369955" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96b1c701c3bb47617d965522c34befa6af", "reference_id": "ab02fb96b1c701c3bb47617d965522c34befa6af", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96b1c701c3bb47617d965522c34befa6af" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7", "reference_id": "cpe:/o:redhat:enterprise_linux:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9", "reference_id": "cpe:/o:redhat:enterprise_linux:9", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49177", "reference_id": "CVE-2025-49177", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49177" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10258", "reference_id": "RHSA-2025:10258", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9303", "reference_id": "RHSA-2025:9303", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9304", "reference_id": "RHSA-2025:9304", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9304" }, { "reference_url": "https://www.x.org/wiki/Development/Security/", "reference_id": "Security", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/" } ], "url": "https://www.x.org/wiki/Development/Security/" }, { "reference_url": "https://usn.ubuntu.com/7573-1/", "reference_id": "USN-7573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943726?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49177" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-may9-9sdj-cbbd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/41831?format=api", "vulnerability_id": "VCID-p1tf-2c6u-tygr", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31080.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31080.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31080", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31456", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.3148", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31443", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31477", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31572", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31616", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31436", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31488", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31517", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00123", "scoring_system": "epss", "scoring_elements": "0.31522", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-31080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997", "reference_id": "2271997", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2271997" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10", "reference_id": "cpe:/o:redhat:enterprise_linux:10", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-31080", "reference_id": "CVE-2024-31080", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-31080" }, { "reference_url": "https://security.gentoo.org/glsa/202411-08", "reference_id": "GLSA-202411-08", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202411-08" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:1785", "reference_id": "RHSA-2024:1785", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:1785" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2036", "reference_id": "RHSA-2024:2036", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2036" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2037", "reference_id": "RHSA-2024:2037", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2037" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2038", "reference_id": "RHSA-2024:2038", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2038" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2039", "reference_id": "RHSA-2024:2039", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2039" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2040", "reference_id": "RHSA-2024:2040", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2041", "reference_id": "RHSA-2024:2041", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2042", "reference_id": "RHSA-2024:2042", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2042" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2080", "reference_id": "RHSA-2024:2080", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2080" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2616", "reference_id": "RHSA-2024:2616", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2616" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3258", "reference_id": "RHSA-2024:3258", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3261", "reference_id": "RHSA-2024:3261", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3261" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:3343", "reference_id": "RHSA-2024:3343", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:3343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9093", "reference_id": "RHSA-2024:9093", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9093" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:9122", "reference_id": "RHSA-2024:9122", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:9122" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6721-1/", "reference_id": "USN-6721-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6721-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943724?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-31080" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-p1tf-2c6u-tygr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267382?format=api", "vulnerability_id": "VCID-pa9n-ntq3-jqaz", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-34003" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-pa9n-ntq3-jqaz" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49327?format=api", "vulnerability_id": "VCID-phkz-t2yr-m7em", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87167", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87146", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87163", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87105", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87122", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87115", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87136", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87143", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87156", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.03264", "scoring_system": "epss", "scoring_elements": "0.87151", "published_at": "2026-04-12T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691", "reference_id": "2257691", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2257691" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2023-6816", "reference_id": "CVE-2023-6816", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2023-6816" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0320", "reference_id": "RHSA-2024:0320", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0557", "reference_id": "RHSA-2024:0557", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0558", "reference_id": "RHSA-2024:0558", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0597", "reference_id": "RHSA-2024:0597", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0607", "reference_id": "RHSA-2024:0607", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0614", "reference_id": "RHSA-2024:0614", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0617", "reference_id": "RHSA-2024:0617", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0617" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0621", "reference_id": "RHSA-2024:0621", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0626", "reference_id": "RHSA-2024:0626", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0629", "reference_id": "RHSA-2024:0629", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "9.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6587-1/", "reference_id": "USN-6587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-1/" }, { "reference_url": "https://usn.ubuntu.com/6587-2/", "reference_id": "USN-6587-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-2/" }, { "reference_url": "https://usn.ubuntu.com/6587-5/", "reference_id": "USN-6587-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943723?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6816" ], "risk_score": 4.4, "exploitability": "0.5", "weighted_severity": "8.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-phkz-t2yr-m7em" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/59262?format=api", "vulnerability_id": "VCID-qwqu-19wq-1ke8", "summary": "A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26594.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26594.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05733", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05797", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05775", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05767", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05761", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05724", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05731", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00021", "scoring_system": "epss", "scoring_elements": "0.05771", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18539", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00058", "scoring_system": "epss", "scoring_elements": "0.18485", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-26594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906", "reference_id": "1098906", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907", "reference_id": "1098907", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345248", "reference_id": "2345248", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2345248" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8", "reference_id": "cpe:/o:redhat:enterprise_linux:8", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-26594", "reference_id": "CVE-2025-26594", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-26594" }, { "reference_url": "https://security.gentoo.org/glsa/202506-04", "reference_id": "GLSA-202506-04", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202506-04" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2500", "reference_id": "RHSA-2025:2500", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2500" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2502", "reference_id": "RHSA-2025:2502", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2502" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2861", "reference_id": "RHSA-2025:2861", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2861" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2862", "reference_id": "RHSA-2025:2862", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2862" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2865", "reference_id": "RHSA-2025:2865", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2865" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2866", "reference_id": "RHSA-2025:2866", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2866" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2873", "reference_id": "RHSA-2025:2873", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2873" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2874", "reference_id": "RHSA-2025:2874", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2874" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2875", "reference_id": "RHSA-2025:2875", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2875" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2879", "reference_id": "RHSA-2025:2879", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2879" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:2880", "reference_id": "RHSA-2025:2880", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:2880" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:3976", "reference_id": "RHSA-2025:3976", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:3976" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7163", "reference_id": "RHSA-2025:7163", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7163" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7165", "reference_id": "RHSA-2025:7165", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7165" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:7458", "reference_id": "RHSA-2025:7458", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:7458" }, { "reference_url": "https://usn.ubuntu.com/7299-1/", "reference_id": "USN-7299-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-1/" }, { "reference_url": "https://usn.ubuntu.com/7299-2/", "reference_id": "USN-7299-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-2/" }, { "reference_url": "https://usn.ubuntu.com/7299-4/", "reference_id": "USN-7299-4", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7299-4/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-26594" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qwqu-19wq-1ke8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69420?format=api", "vulnerability_id": "VCID-s7xs-zcxk-nyc7", "summary": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49179.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49179.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49179", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17986", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.18079", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.1778", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17868", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17928", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17944", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00057", "scoring_system": "epss", "scoring_elements": "0.17899", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36079", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.3612", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00154", "scoring_system": "epss", "scoring_elements": "0.36105", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49179" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369", "reference_id": "1108369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978", "reference_id": "2369978", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4", "reference_id": "2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server", "reference_id": "cpe:/o:redhat:rhel_aus:7.7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49179", "reference_id": "CVE-2025-49179", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49179" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10258", "reference_id": "RHSA-2025:10258", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10342", "reference_id": "RHSA-2025:10342", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10343", "reference_id": "RHSA-2025:10343", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10344", "reference_id": "RHSA-2025:10344", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10346", "reference_id": "RHSA-2025:10346", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10347", "reference_id": "RHSA-2025:10347", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10348", "reference_id": "RHSA-2025:10348", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10349", "reference_id": "RHSA-2025:10349", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10350", "reference_id": "RHSA-2025:10350", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10351", "reference_id": "RHSA-2025:10351", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10352", "reference_id": "RHSA-2025:10352", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10355", "reference_id": "RHSA-2025:10355", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10356", "reference_id": "RHSA-2025:10356", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10356" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10360", "reference_id": "RHSA-2025:10360", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10370", "reference_id": "RHSA-2025:10370", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10374", "reference_id": "RHSA-2025:10374", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10375", "reference_id": "RHSA-2025:10375", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10376", "reference_id": "RHSA-2025:10376", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10377", "reference_id": "RHSA-2025:10377", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10378", "reference_id": "RHSA-2025:10378", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10381", "reference_id": "RHSA-2025:10381", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10410", "reference_id": "RHSA-2025:10410", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9303", "reference_id": "RHSA-2025:9303", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9304", "reference_id": "RHSA-2025:9304", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9305", "reference_id": "RHSA-2025:9305", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9306", "reference_id": "RHSA-2025:9306", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9392", "reference_id": "RHSA-2025:9392", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9964", "reference_id": "RHSA-2025:9964", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9964" }, { "reference_url": "https://www.x.org/wiki/Development/Security/", "reference_id": "Security", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/" } ], "url": "https://www.x.org/wiki/Development/Security/" }, { "reference_url": "https://usn.ubuntu.com/7573-1/", "reference_id": "USN-7573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-1/" }, { "reference_url": "https://usn.ubuntu.com/7573-2/", "reference_id": "USN-7573-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943726?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49179" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-s7xs-zcxk-nyc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69416?format=api", "vulnerability_id": "VCID-sfgy-e6d6-f3fd", "summary": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49175.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49175.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49175", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24169", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24102", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.2423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44898", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44852", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44904", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49175" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee", "reference_id": "0885e0b26225c90534642fe911632ec0779eebee", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369", "reference_id": "1108369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024", "reference_id": "2024", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947", "reference_id": "2369947", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server", "reference_id": "cpe:/o:redhat:rhel_aus:7.7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49175", "reference_id": "CVE-2025-49175", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49175" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10258", "reference_id": "RHSA-2025:10258", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10342", "reference_id": "RHSA-2025:10342", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10343", "reference_id": "RHSA-2025:10343", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10344", "reference_id": "RHSA-2025:10344", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10346", "reference_id": "RHSA-2025:10346", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10347", "reference_id": "RHSA-2025:10347", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10348", "reference_id": "RHSA-2025:10348", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10349", "reference_id": "RHSA-2025:10349", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10350", "reference_id": "RHSA-2025:10350", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10351", "reference_id": "RHSA-2025:10351", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10352", "reference_id": "RHSA-2025:10352", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10355", "reference_id": "RHSA-2025:10355", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10356", "reference_id": "RHSA-2025:10356", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10356" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10360", "reference_id": "RHSA-2025:10360", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10370", "reference_id": "RHSA-2025:10370", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10374", "reference_id": "RHSA-2025:10374", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10375", "reference_id": "RHSA-2025:10375", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10376", "reference_id": "RHSA-2025:10376", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10377", "reference_id": "RHSA-2025:10377", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10378", "reference_id": "RHSA-2025:10378", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10381", "reference_id": "RHSA-2025:10381", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10410", "reference_id": "RHSA-2025:10410", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9303", "reference_id": "RHSA-2025:9303", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9304", "reference_id": "RHSA-2025:9304", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9305", "reference_id": "RHSA-2025:9305", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9306", "reference_id": "RHSA-2025:9306", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9392", "reference_id": "RHSA-2025:9392", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9964", "reference_id": "RHSA-2025:9964", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9964" }, { "reference_url": "https://www.x.org/wiki/Development/Security/", "reference_id": "Security", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/" } ], "url": "https://www.x.org/wiki/Development/Security/" }, { "reference_url": "https://usn.ubuntu.com/7573-1/", "reference_id": "USN-7573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-1/" }, { "reference_url": "https://usn.ubuntu.com/7573-2/", "reference_id": "USN-7573-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943726?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49175" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sfgy-e6d6-f3fd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66663?format=api", "vulnerability_id": "VCID-sx54-5s5r-ckg2", "summary": "xorg: xwayland: Use-after-free in Xkb client resource removal", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62230.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62230.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62230", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0197", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01955", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01913", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01914", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00898", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00892", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00895", "published_at": "2026-04-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0089", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62230" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402653", "reference_id": "2402653", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402653" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-62230", "reference_id": "CVE-2025-62230", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-62230" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19432", "reference_id": "RHSA-2025:19432", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19433", "reference_id": "RHSA-2025:19433", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19434", "reference_id": "RHSA-2025:19434", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19435", "reference_id": "RHSA-2025:19435", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19489", "reference_id": "RHSA-2025:19489", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19623", "reference_id": "RHSA-2025:19623", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19909", "reference_id": "RHSA-2025:19909", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20958", "reference_id": "RHSA-2025:20958", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20960", "reference_id": "RHSA-2025:20960", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20961", "reference_id": "RHSA-2025:20961", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21035", "reference_id": "RHSA-2025:21035", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22040", "reference_id": "RHSA-2025:22040", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22041", "reference_id": "RHSA-2025:22041", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22051", "reference_id": "RHSA-2025:22051", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22055", "reference_id": "RHSA-2025:22055", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22056", "reference_id": "RHSA-2025:22056", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22077", "reference_id": "RHSA-2025:22077", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22096", "reference_id": "RHSA-2025:22096", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22164", "reference_id": "RHSA-2025:22164", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22167", "reference_id": "RHSA-2025:22167", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22364", "reference_id": "RHSA-2025:22364", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22365", "reference_id": "RHSA-2025:22365", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22426", "reference_id": "RHSA-2025:22426", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22427", "reference_id": "RHSA-2025:22427", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22667", "reference_id": "RHSA-2025:22667", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22729", "reference_id": "RHSA-2025:22729", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22742", "reference_id": "RHSA-2025:22742", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22753", "reference_id": "RHSA-2025:22753", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0031", "reference_id": "RHSA-2026:0031", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0033", "reference_id": "RHSA-2026:0033", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0034", "reference_id": "RHSA-2026:0034", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0035", "reference_id": "RHSA-2026:0035", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0036", "reference_id": "RHSA-2026:0036", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0036" }, { "reference_url": "https://usn.ubuntu.com/7846-1/", "reference_id": "USN-7846-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7846-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-62230" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-sx54-5s5r-ckg2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/66664?format=api", "vulnerability_id": "VCID-t1cy-srre-nkbp", "summary": "xorg: xmayland: Value overflow in XkbSetCompatMap()", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62231.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62231.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62231", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01933", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.0197", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01955", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01939", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01913", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00013", "scoring_system": "epss", "scoring_elements": "0.01914", "published_at": "2026-04-16T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00898", "published_at": "2026-04-08T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00892", "published_at": "2026-04-04T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.00895", "published_at": "2026-04-07T12:55:00Z" }, { "value": "9e-05", "scoring_system": "epss", "scoring_elements": "0.0089", "published_at": "2026-04-02T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-62231" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402660", "reference_id": "2402660", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2402660" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1", "reference_id": "cpe:/o:redhat:enterprise_linux:10.1", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-62231", "reference_id": "CVE-2025-62231", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-62231" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19432", "reference_id": "RHSA-2025:19432", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19432" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19433", "reference_id": "RHSA-2025:19433", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19433" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19434", "reference_id": "RHSA-2025:19434", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19434" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19435", "reference_id": "RHSA-2025:19435", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19435" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19489", "reference_id": "RHSA-2025:19489", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19489" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19623", "reference_id": "RHSA-2025:19623", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:19909", "reference_id": "RHSA-2025:19909", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:19909" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20958", "reference_id": "RHSA-2025:20958", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20958" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20960", "reference_id": "RHSA-2025:20960", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20960" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:20961", "reference_id": "RHSA-2025:20961", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:20961" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:21035", "reference_id": "RHSA-2025:21035", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:21035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22040", "reference_id": "RHSA-2025:22040", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22040" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22041", "reference_id": "RHSA-2025:22041", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22041" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22051", "reference_id": "RHSA-2025:22051", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22051" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22055", "reference_id": "RHSA-2025:22055", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22055" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22056", "reference_id": "RHSA-2025:22056", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22056" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22077", "reference_id": "RHSA-2025:22077", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22077" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22096", "reference_id": "RHSA-2025:22096", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22096" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22164", "reference_id": "RHSA-2025:22164", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22164" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22167", "reference_id": "RHSA-2025:22167", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22167" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22364", "reference_id": "RHSA-2025:22364", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22364" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22365", "reference_id": "RHSA-2025:22365", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22365" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22426", "reference_id": "RHSA-2025:22426", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22426" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22427", "reference_id": "RHSA-2025:22427", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22427" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22667", "reference_id": "RHSA-2025:22667", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22667" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22729", "reference_id": "RHSA-2025:22729", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22729" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22742", "reference_id": "RHSA-2025:22742", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22742" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:22753", "reference_id": "RHSA-2025:22753", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:22753" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0031", "reference_id": "RHSA-2026:0031", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0031" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0033", "reference_id": "RHSA-2026:0033", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0033" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0034", "reference_id": "RHSA-2026:0034", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0034" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0035", "reference_id": "RHSA-2026:0035", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0035" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2026:0036", "reference_id": "RHSA-2026:0036", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2026:0036" }, { "reference_url": "https://usn.ubuntu.com/7846-1/", "reference_id": "USN-7846-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7846-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-62231" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t1cy-srre-nkbp" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49325?format=api", "vulnerability_id": "VCID-trsp-u7xt-a3ck", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6377.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6377.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6377", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61374", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61402", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61372", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61418", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61434", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61455", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61441", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61422", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61461", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00411", "scoring_system": "epss", "scoring_elements": "0.61465", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253291", "reference_id": "2253291", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253291" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7886", "reference_id": "RHSA-2023:7886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0006", "reference_id": "RHSA-2024:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0009", "reference_id": "RHSA-2024:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0010", "reference_id": "RHSA-2024:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0014", "reference_id": "RHSA-2024:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0015", "reference_id": "RHSA-2024:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0016", "reference_id": "RHSA-2024:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0017", "reference_id": "RHSA-2024:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0018", "reference_id": "RHSA-2024:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0020", "reference_id": "RHSA-2024:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:13998", "reference_id": "RHSA-2025:13998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:13998" }, { "reference_url": "https://usn.ubuntu.com/6555-1/", "reference_id": "USN-6555-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6555-1/" }, { "reference_url": "https://usn.ubuntu.com/6555-2/", "reference_id": "USN-6555-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6555-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943722?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6377" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-trsp-u7xt-a3ck" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49323?format=api", "vulnerability_id": "VCID-un9v-4svv-2baj", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5367", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20089", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20146", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19876", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19955", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20009", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.20029", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19985", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19927", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19905", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00064", "scoring_system": "epss", "scoring_elements": "0.19909", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-5367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243091", "reference_id": "2243091", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243091" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6802", "reference_id": "RHSA-2023:6802", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6802" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6808", "reference_id": "RHSA-2023:6808", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6808" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7373", "reference_id": "RHSA-2023:7373", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7373" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7388", "reference_id": "RHSA-2023:7388", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7388" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7405", "reference_id": "RHSA-2023:7405", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7405" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7428", "reference_id": "RHSA-2023:7428", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7428" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7436", "reference_id": "RHSA-2023:7436", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7436" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7526", "reference_id": "RHSA-2023:7526", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7526" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7533", "reference_id": "RHSA-2023:7533", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7533" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0010", "reference_id": "RHSA-2024:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0128", "reference_id": "RHSA-2024:0128", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0128" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6453-1/", "reference_id": "USN-6453-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6453-1/" }, { "reference_url": "https://usn.ubuntu.com/6453-2/", "reference_id": "USN-6453-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6453-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943721?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.2-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.2-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-5367" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-un9v-4svv-2baj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46301?format=api", "vulnerability_id": "VCID-uxsy-k3cg-mkdd", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46343.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46343.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78136", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78154", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78128", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78122", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78113", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78096", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78083", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01109", "scoring_system": "epss", "scoring_elements": "0.78132", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01181", "scoring_system": "epss", "scoring_elements": "0.78778", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01181", "scoring_system": "epss", "scoring_elements": "0.7878", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071", "reference_id": "1026071", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151758", "reference_id": "2151758", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2151758" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/", "reference_id": "5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2022-46343", "reference_id": "CVE-2022-46343", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2022-46343" }, { "reference_url": "https://www.debian.org/security/2022/dsa-5304", "reference_id": "dsa-5304", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://www.debian.org/security/2022/dsa-5304" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/", "reference_id": "DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0045", "reference_id": "RHSA-2023:0045", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0045" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0046", "reference_id": "RHSA-2023:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0046" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2257", "reference_id": "RHSA-2023:2257", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2257" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2830", "reference_id": "RHSA-2023:2830", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2830" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-1/", "reference_id": "USN-5778-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-1/" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/", "reference_id": "Z67QC4C3I2FI2WRFIUPEHKC36J362MLA", "reference_type": "", "scores": [ { "value": "8.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943719?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2022-46343" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "7.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uxsy-k3cg-mkdd" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49331?format=api", "vulnerability_id": "VCID-v9p1-8sb6-9ufr", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4934", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49319", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49293", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49344", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49268", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49296", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.4925", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49304", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0026", "scoring_system": "epss", "scoring_elements": "0.49301", "published_at": "2026-04-09T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.4", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256540", "reference_id": "2256540", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2256540" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client", "reference_id": "cpe:/o:redhat:enterprise_linux:7::client", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode", "reference_id": "cpe:/o:redhat:enterprise_linux:7::computenode", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server", "reference_id": "cpe:/o:redhat:enterprise_linux:7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation", "reference_id": "cpe:/o:redhat:enterprise_linux:7::workstation", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2024-21885", "reference_id": "CVE-2024-21885", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2024-21885" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0320", "reference_id": "RHSA-2024:0320", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0320" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0557", "reference_id": "RHSA-2024:0557", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0557" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0558", "reference_id": "RHSA-2024:0558", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0558" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0597", "reference_id": "RHSA-2024:0597", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0597" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0607", "reference_id": "RHSA-2024:0607", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0607" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0614", "reference_id": "RHSA-2024:0614", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0614" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0617", "reference_id": "RHSA-2024:0617", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0617" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0621", "reference_id": "RHSA-2024:0621", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0621" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0626", "reference_id": "RHSA-2024:0626", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0626" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0629", "reference_id": "RHSA-2024:0629", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:0629" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6587-1/", "reference_id": "USN-6587-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-1/" }, { "reference_url": "https://usn.ubuntu.com/6587-2/", "reference_id": "USN-6587-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-2/" }, { "reference_url": "https://usn.ubuntu.com/6587-5/", "reference_id": "USN-6587-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943723?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2024-21885" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-v9p1-8sb6-9ufr" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46303?format=api", "vulnerability_id": "VCID-wh9v-35ju-vbcb", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0494.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0494.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0494", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69776", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69824", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69839", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69854", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69831", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69816", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69792", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00613", "scoring_system": "epss", "scoring_elements": "0.69768", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72304", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00711", "scoring_system": "epss", "scoring_elements": "0.72295", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-0494" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0494", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0494" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://lists.x.org/archives/xorg-announce/2023-February/003320.html", "reference_id": "003320.html", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/" } ], "url": "https://lists.x.org/archives/xorg-announce/2023-February/003320.html" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec", "reference_id": "0ba6d8c37071131a49790243cdac55392ecf71ec", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030777", "reference_id": "1030777", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030777" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165995", "reference_id": "2165995", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2165995" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/" } ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0622", "reference_id": "RHSA-2023:0622", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0622" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0623", "reference_id": "RHSA-2023:0623", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0623" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0662", "reference_id": "RHSA-2023:0662", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0662" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0663", "reference_id": "RHSA-2023:0663", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0663" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0664", "reference_id": "RHSA-2023:0664", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0664" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0665", "reference_id": "RHSA-2023:0665", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0665" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0671", "reference_id": "RHSA-2023:0671", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0671" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:0675", "reference_id": "RHSA-2023:0675", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:0675" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2248", "reference_id": "RHSA-2023:2248", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2248" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2249", "reference_id": "RHSA-2023:2249", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2249" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2805", "reference_id": "RHSA-2023:2805", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2805" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:2806", "reference_id": "RHSA-2023:2806", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:2806" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/5778-2/", "reference_id": "USN-5778-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5778-2/" }, { "reference_url": "https://usn.ubuntu.com/5846-1/", "reference_id": "USN-5846-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5846-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943720?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-0494" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wh9v-35ju-vbcb" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46305?format=api", "vulnerability_id": "VCID-wp8b-r6p1-7kcf", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1393.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1393.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1393", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23801", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23662", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.2365", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23706", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23749", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23734", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23687", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23841", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.0008", "scoring_system": "epss", "scoring_elements": "0.23618", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00093", "scoring_system": "epss", "scoring_elements": "0.26007", "published_at": "2026-04-18T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-1393" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1393", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1393" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://www.openwall.com/lists/oss-security/2023/03/29/1", "reference_id": "1", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://www.openwall.com/lists/oss-security/2023/03/29/1" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180288", "reference_id": "2180288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2180288" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110", "reference_id": "26ef545b3502f61ca722a7a3373507e88ef64110", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/", "reference_id": "BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/", "reference_id": "H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/", "reference_id": "MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/", "reference_id": "NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/", "reference_id": "PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/", "reference_id": "QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1548", "reference_id": "RHSA-2023:1548", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1548" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1549", "reference_id": "RHSA-2023:1549", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1549" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1551", "reference_id": "RHSA-2023:1551", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1551" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1592", "reference_id": "RHSA-2023:1592", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1592" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1594", "reference_id": "RHSA-2023:1594", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1594" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1598", "reference_id": "RHSA-2023:1598", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1598" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1599", "reference_id": "RHSA-2023:1599", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1599" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:1600", "reference_id": "RHSA-2023:1600", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:1600" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6340", "reference_id": "RHSA-2023:6340", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6340" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6341", "reference_id": "RHSA-2023:6341", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6341" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6916", "reference_id": "RHSA-2023:6916", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6916" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:6917", "reference_id": "RHSA-2023:6917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:6917" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/", "reference_id": "SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/" }, { "reference_url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/", "reference_id": "SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/" } ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/" }, { "reference_url": "https://usn.ubuntu.com/5986-1/", "reference_id": "USN-5986-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5986-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-1393" ], "risk_score": 3.5, "exploitability": "0.5", "weighted_severity": "7.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wp8b-r6p1-7kcf" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/69417?format=api", "vulnerability_id": "VCID-wyuw-13t9-rbg1", "summary": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49176.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49176.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49176", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24214", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24169", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24316", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24102", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24253", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.24188", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00082", "scoring_system": "epss", "scoring_elements": "0.2423", "published_at": "2026-04-11T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44898", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44852", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00222", "scoring_system": "epss", "scoring_elements": "0.44904", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-49176" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9", "reference_id": "03731b326a80b582e48d939fe62cb1e2b10400d9", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108073", "reference_id": "1108073", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108073" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369", "reference_id": "1108369", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954", "reference_id": "2369954", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954" }, { "reference_url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1", "reference_id": "4fc4d76b2c7aaed61ed2653f997783a3714c4fe1", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:8::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream", "reference_id": "cpe:/a:redhat:enterprise_linux:9::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb", "reference_id": "cpe:/a:redhat:enterprise_linux:9::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_aus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.0::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_id": "cpe:/a:redhat:rhel_e4s:9.2::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb", "reference_id": "cpe:/a:redhat:rhel_eus:9.4::crb", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.6::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_id": "cpe:/a:redhat:rhel_tus:8.8::appstream", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0", "reference_id": "cpe:/o:redhat:enterprise_linux:10.0", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6", "reference_id": "cpe:/o:redhat:enterprise_linux:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server", "reference_id": "cpe:/o:redhat:rhel_aus:7.7::server", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6", "reference_id": "cpe:/o:redhat:rhel_els:6", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6" }, { "reference_url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7", "reference_id": "cpe:/o:redhat:rhel_els:7", "reference_type": "", "scores": [], "url": "https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7" }, { "reference_url": "https://access.redhat.com/security/cve/CVE-2025-49176", "reference_id": "CVE-2025-49176", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/security/cve/CVE-2025-49176" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10258", "reference_id": "RHSA-2025:10258", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10258" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10342", "reference_id": "RHSA-2025:10342", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10342" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10343", "reference_id": "RHSA-2025:10343", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10343" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10344", "reference_id": "RHSA-2025:10344", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10344" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10346", "reference_id": "RHSA-2025:10346", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10346" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10347", "reference_id": "RHSA-2025:10347", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10347" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10348", "reference_id": "RHSA-2025:10348", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10348" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10349", "reference_id": "RHSA-2025:10349", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10350", "reference_id": "RHSA-2025:10350", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10350" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10351", "reference_id": "RHSA-2025:10351", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10352", "reference_id": "RHSA-2025:10352", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10355", "reference_id": "RHSA-2025:10355", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10355" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10356", "reference_id": "RHSA-2025:10356", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10356" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10360", "reference_id": "RHSA-2025:10360", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10360" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10370", "reference_id": "RHSA-2025:10370", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10370" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10374", "reference_id": "RHSA-2025:10374", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10374" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10375", "reference_id": "RHSA-2025:10375", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10375" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10376", "reference_id": "RHSA-2025:10376", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10376" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10377", "reference_id": "RHSA-2025:10377", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10377" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10378", "reference_id": "RHSA-2025:10378", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10378" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10381", "reference_id": "RHSA-2025:10381", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10381" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:10410", "reference_id": "RHSA-2025:10410", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:10410" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9303", "reference_id": "RHSA-2025:9303", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9303" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9304", "reference_id": "RHSA-2025:9304", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9304" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9305", "reference_id": "RHSA-2025:9305", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9305" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9306", "reference_id": "RHSA-2025:9306", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9306" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9392", "reference_id": "RHSA-2025:9392", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9392" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:9964", "reference_id": "RHSA-2025:9964", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2025:9964" }, { "reference_url": "https://www.x.org/wiki/Development/Security/", "reference_id": "Security", "reference_type": "", "scores": [ { "value": "7.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/" } ], "url": "https://www.x.org/wiki/Development/Security/" }, { "reference_url": "https://usn.ubuntu.com/7573-1/", "reference_id": "USN-7573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-1/" }, { "reference_url": "https://usn.ubuntu.com/7573-2/", "reference_id": "USN-7573-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/7573-2/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943726?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2025-49176" ], "risk_score": 3.3, "exploitability": "0.5", "weighted_severity": "6.6", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wyuw-13t9-rbg1" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267378?format=api", "vulnerability_id": "VCID-wzer-jnm3-rqa8", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-33999" ], "risk_score": 1.5, "exploitability": "0.5", "weighted_severity": "3.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wzer-jnm3-rqa8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/267380?format=api", "vulnerability_id": "VCID-x3dk-fny6-fqa5", "summary": "", "references": [ { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2026-34001" ], "risk_score": 1.8, "exploitability": "0.5", "weighted_severity": "3.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x3dk-fny6-fqa5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/49326?format=api", "vulnerability_id": "VCID-x3p6-a59z-ebf3", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6478.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6478.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6478", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.7893", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78958", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78941", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78966", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78972", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78996", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78981", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78971", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.01208", "scoring_system": "epss", "scoring_elements": "0.78999", "published_at": "2026-04-16T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2023-6478" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.6", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253298", "reference_id": "2253298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2253298" }, { "reference_url": "https://security.gentoo.org/glsa/202401-30", "reference_id": "GLSA-202401-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202401-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2023:7886", "reference_id": "RHSA-2023:7886", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2023:7886" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0006", "reference_id": "RHSA-2024:0006", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0006" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0009", "reference_id": "RHSA-2024:0009", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0009" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0010", "reference_id": "RHSA-2024:0010", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0010" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0014", "reference_id": "RHSA-2024:0014", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0014" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0015", "reference_id": "RHSA-2024:0015", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0015" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0016", "reference_id": "RHSA-2024:0016", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0016" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0017", "reference_id": "RHSA-2024:0017", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0017" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0018", "reference_id": "RHSA-2024:0018", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0018" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:0020", "reference_id": "RHSA-2024:0020", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:0020" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2169", "reference_id": "RHSA-2024:2169", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2169" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2170", "reference_id": "RHSA-2024:2170", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2170" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2995", "reference_id": "RHSA-2024:2995", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2995" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2024:2996", "reference_id": "RHSA-2024:2996", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2024:2996" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2025:12751", "reference_id": "RHSA-2025:12751", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2025:12751" }, { "reference_url": "https://usn.ubuntu.com/6555-1/", "reference_id": "USN-6555-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6555-1/" }, { "reference_url": "https://usn.ubuntu.com/6555-2/", "reference_id": "USN-6555-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6555-2/" }, { "reference_url": "https://usn.ubuntu.com/6587-5/", "reference_id": "USN-6587-5", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/6587-5/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943722?format=api", "purl": "pkg:deb/debian/xwayland@2:23.2.3-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.3-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2023-6478" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x3p6-a59z-ebf3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/46287?format=api", "vulnerability_id": "VCID-zhdy-8stm-q3ey", "summary": "Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4009.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4009.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4009", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25795", "published_at": "2026-04-01T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25684", "published_at": "2026-04-18T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25757", "published_at": "2026-04-12T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25699", "published_at": "2026-04-13T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25702", "published_at": "2026-04-16T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25855", "published_at": "2026-04-02T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25898", "published_at": "2026-04-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.2567", "published_at": "2026-04-07T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25741", "published_at": "2026-04-08T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25789", "published_at": "2026-04-09T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25799", "published_at": "2026-04-11T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2021-4009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.8", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026072", "reference_id": "2026072", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2026072" }, { "reference_url": "https://security.archlinux.org/AVG-2636", "reference_id": "AVG-2636", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2636" }, { "reference_url": "https://security.archlinux.org/AVG-2640", "reference_id": "AVG-2640", "reference_type": "", "scores": [ { "value": "High", "scoring_system": "archlinux", "scoring_elements": "" } ], "url": "https://security.archlinux.org/AVG-2640" }, { "reference_url": "https://security.gentoo.org/glsa/202305-30", "reference_id": "GLSA-202305-30", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/202305-30" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:0003", "reference_id": "RHSA-2022:0003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:0003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2022:1917", "reference_id": "RHSA-2022:1917", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2022:1917" }, { "reference_url": "https://usn.ubuntu.com/5193-1/", "reference_id": "USN-5193-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-1/" }, { "reference_url": "https://usn.ubuntu.com/5193-2/", "reference_id": "USN-5193-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-2/" }, { "reference_url": "https://usn.ubuntu.com/5193-3/", "reference_id": "USN-5193-3", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/5193-3/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/943714?format=api", "purl": "pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943713?format=api", "purl": "pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-1pcv-f5h3-9fe9" }, { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-37e1-pzxj-2fdt" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-41cd-s77z-6bcc" }, { "vulnerability": "VCID-4ngr-6ccu-r7fv" }, { "vulnerability": "VCID-515f-a8yj-4fej" }, { "vulnerability": "VCID-5awx-j7z7-qyak" }, { "vulnerability": "VCID-6hwh-7tvr-sqgn" }, { "vulnerability": "VCID-6rcq-qxef-nuf7" }, { "vulnerability": "VCID-7nax-5yw9-eye8" }, { "vulnerability": "VCID-9cjy-6fj5-r7ag" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-fgnr-h7rm-83d4" }, { "vulnerability": "VCID-hkrr-v71f-xqdb" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-j6qd-r6ua-cfbm" }, { "vulnerability": "VCID-juet-bb4m-hkhq" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-p1tf-2c6u-tygr" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-phkz-t2yr-m7em" }, { "vulnerability": "VCID-qwqu-19wq-1ke8" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-trsp-u7xt-a3ck" }, { "vulnerability": "VCID-un9v-4svv-2baj" }, { "vulnerability": "VCID-v9p1-8sb6-9ufr" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" }, { "vulnerability": "VCID-x3p6-a59z-ebf3" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943716?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-2cp3-p3yx-17be" }, { "vulnerability": "VCID-2vrb-n6cc-c7bc" }, { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-e9px-edn1-tufs" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-may9-9sdj-cbbd" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-s7xs-zcxk-nyc7" }, { "vulnerability": "VCID-sfgy-e6d6-f3fd" }, { "vulnerability": "VCID-sx54-5s5r-ckg2" }, { "vulnerability": "VCID-t1cy-srre-nkbp" }, { "vulnerability": "VCID-wyuw-13t9-rbg1" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/943715?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-3f4a-m4rt-qqej" }, { "vulnerability": "VCID-hxab-xyu1-xkgc" }, { "vulnerability": "VCID-pa9n-ntq3-jqaz" }, { "vulnerability": "VCID-wzer-jnm3-rqa8" }, { "vulnerability": "VCID-x3dk-fny6-fqa5" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie" }, { "url": "http://public2.vulnerablecode.io/api/packages/1067653?format=api", "purl": "pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" } ], "aliases": [ "CVE-2021-4009" ], "risk_score": 4.0, "exploitability": "0.5", "weighted_severity": "8.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zhdy-8stm-q3ey" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie" }