{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","type":"deb","namespace":"debian","name":"xwayland","version":"2:24.1.11-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46286?format=json","vulnerability_id":"VCID-1cjg-y5qm-sffh","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4008.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4008.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4008","reference_id":"","reference_type":"","scores":[{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22403","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22231","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22255","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2225","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22148","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.2257","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22613","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.224","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22481","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22536","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22555","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22514","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22459","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22474","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22471","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22421","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00074","scoring_system":"epss","scoring_elements":"0.22269","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026059","reference_id":"2026059","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026059"},{"reference_url":"https://security.archlinux.org/AVG-2636","reference_id":"AVG-2636","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2636"},{"reference_url":"https://security.archlinux.org/AVG-2640","reference_id":"AVG-2640","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2640"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0003","reference_id":"RHSA-2022:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1917","reference_id":"RHSA-2022:1917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1917"},{"reference_url":"https://usn.ubuntu.com/5193-1/","reference_id":"USN-5193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-1/"},{"reference_url":"https://usn.ubuntu.com/5193-2/","reference_id":"USN-5193-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-2/"},{"reference_url":"https://usn.ubuntu.com/5193-3/","reference_id":"USN-5193-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943714?format=json","purl":"pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2021-4008"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1cjg-y5qm-sffh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59264?format=json","vulnerability_id":"VCID-1pcv-f5h3-9fe9","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26595.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26595.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26595","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345257","reference_id":"2345257","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345257"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26595","reference_id":"CVE-2025-26595","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26595"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26595"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pcv-f5h3-9fe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46300?format=json","vulnerability_id":"VCID-28er-gwh3-rugq","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46342.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46342.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46342","reference_id":"","reference_type":"","scores":[{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33464","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34059","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3409","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33947","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33989","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.34021","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.3402","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33978","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33954","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00139","scoring_system":"epss","scoring_elements":"0.33395","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34833","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35225","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35176","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34942","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.34924","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00148","scoring_system":"epss","scoring_elements":"0.35239","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071","reference_id":"1026071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151757","reference_id":"2151757","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151757"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","reference_id":"5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-46342","reference_id":"CVE-2022-46342","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-46342"},{"reference_url":"https://www.debian.org/security/2022/dsa-5304","reference_id":"dsa-5304","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://www.debian.org/security/2022/dsa-5304"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","reference_id":"DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0045","reference_id":"RHSA-2023:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0046","reference_id":"RHSA-2023:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2257","reference_id":"RHSA-2023:2257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2830","reference_id":"RHSA-2023:2830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-1/","reference_id":"USN-5778-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-1/"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","reference_id":"Z67QC4C3I2FI2WRFIUPEHKC36J362MLA","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:21:01Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943719?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-46342"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-28er-gwh3-rugq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69421?format=json","vulnerability_id":"VCID-2cp3-p3yx-17be","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49180.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49180","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18079","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30834","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.3112","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30998","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30765","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3612","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36105","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36079","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369981","reference_id":"2369981","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369981"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947ea7f4f88e10ec6","reference_id":"3c3a4b767b16174d3213055947ea7f4f88e10ec6","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947ea7f4f88e10ec6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49180","reference_id":"CVE-2025-49180","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943726?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-49180"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cp3-p3yx-17be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69419?format=json","vulnerability_id":"VCID-2vrb-n6cc-c7bc","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49178.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49178","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2178","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21634","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21741","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21881","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21768","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21711","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40691","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41056","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41027","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4095","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40857","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40844","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4076","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41013","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369977","reference_id":"2369977","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49178","reference_id":"CVE-2025-49178","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49178"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2","reference_id":"d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943726?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-49178"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vrb-n6cc-c7bc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59267?format=json","vulnerability_id":"VCID-37e1-pzxj-2fdt","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26598.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26598.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26598","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06106","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06185","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06177","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06165","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06123","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08785","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08934","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08866","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09209","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09153","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09164","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20468","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20528","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345254","reference_id":"2345254","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345254"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26598","reference_id":"CVE-2025-26598","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26598"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26598"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-37e1-pzxj-2fdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267381?format=json","vulnerability_id":"VCID-3f4a-m4rt-qqej","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34002.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34002","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01843","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34002"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451112","reference_id":"2451112","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:27:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451112"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34002","reference_id":"CVE-2026-34002","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:27:00Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2026-34002"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3f4a-m4rt-qqej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59265?format=json","vulnerability_id":"VCID-41cd-s77z-6bcc","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26596.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26596.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26596","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345256","reference_id":"2345256","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345256"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26596","reference_id":"CVE-2025-26596","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26596"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26596"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41cd-s77z-6bcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46298?format=json","vulnerability_id":"VCID-44yr-b94s-nfd5","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46340","reference_id":"","reference_type":"","scores":[{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78262","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78293","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78275","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78301","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78307","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78333","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78316","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0113","scoring_system":"epss","scoring_elements":"0.78309","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.78458","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01132","scoring_system":"epss","scoring_elements":"0.78433","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.78952","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.78951","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.78988","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.79004","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01202","scoring_system":"epss","scoring_elements":"0.78955","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071","reference_id":"1026071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151755","reference_id":"2151755","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151755"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0045","reference_id":"RHSA-2023:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0046","reference_id":"RHSA-2023:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2257","reference_id":"RHSA-2023:2257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2830","reference_id":"RHSA-2023:2830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-1/","reference_id":"USN-5778-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-1/"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943719?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-46340"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-44yr-b94s-nfd5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41834?format=json","vulnerability_id":"VCID-4ngr-6ccu-r7fv","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31083.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31083","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26024","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26124","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2612","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26069","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2596","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28089","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27952","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27893","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27902","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27841","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27884","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31083"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272000","reference_id":"2272000","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272000"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-31083","reference_id":"CVE-2024-31083","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-31083"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1785","reference_id":"RHSA-2024:1785","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2036","reference_id":"RHSA-2024:2036","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2037","reference_id":"RHSA-2024:2037","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2038","reference_id":"RHSA-2024:2038","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2039","reference_id":"RHSA-2024:2039","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2040","reference_id":"RHSA-2024:2040","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2041","reference_id":"RHSA-2024:2041","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2042","reference_id":"RHSA-2024:2042","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2080","reference_id":"RHSA-2024:2080","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2616","reference_id":"RHSA-2024:2616","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3258","reference_id":"RHSA-2024:3258","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3261","reference_id":"RHSA-2024:3261","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3343","reference_id":"RHSA-2024:3343","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9093","reference_id":"RHSA-2024:9093","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9122","reference_id":"RHSA-2024:9122","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6721-1/","reference_id":"USN-6721-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6721-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943724?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-31083"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ngr-6ccu-r7fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59271?format=json","vulnerability_id":"VCID-515f-a8yj-4fej","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26600.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26600","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345252","reference_id":"2345252","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345252"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26600","reference_id":"CVE-2025-26600","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26600"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26600"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-515f-a8yj-4fej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49329?format=json","vulnerability_id":"VCID-5awx-j7z7-qyak","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0408","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04349","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04147","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04271","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04284","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04337","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04324","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04874","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04857","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04831","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06473","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06496","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06453","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257689","reference_id":"2257689","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257689"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-0408","reference_id":"CVE-2024-0408","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-0408"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943723?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-0408"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5awx-j7z7-qyak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59266?format=json","vulnerability_id":"VCID-6hwh-7tvr-sqgn","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26597.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26597","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345255","reference_id":"2345255","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345255"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26597","reference_id":"CVE-2025-26597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26597"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26597"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hwh-7tvr-sqgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46290?format=json","vulnerability_id":"VCID-6qsh-kaxk-zuf9","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4011.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4011.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4011","reference_id":"","reference_type":"","scores":[{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12368","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12292","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12354","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12243","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12157","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12476","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12518","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12324","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12404","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12455","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.1246","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12422","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12381","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12282","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12386","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00041","scoring_system":"epss","scoring_elements":"0.12387","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4011"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026074","reference_id":"2026074","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026074"},{"reference_url":"https://security.archlinux.org/AVG-2636","reference_id":"AVG-2636","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2636"},{"reference_url":"https://security.archlinux.org/AVG-2640","reference_id":"AVG-2640","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2640"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0003","reference_id":"RHSA-2022:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1917","reference_id":"RHSA-2022:1917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1917"},{"reference_url":"https://usn.ubuntu.com/5193-1/","reference_id":"USN-5193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-1/"},{"reference_url":"https://usn.ubuntu.com/5193-2/","reference_id":"USN-5193-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-2/"},{"reference_url":"https://usn.ubuntu.com/5193-3/","reference_id":"USN-5193-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943714?format=json","purl":"pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2021-4011"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6qsh-kaxk-zuf9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49328?format=json","vulnerability_id":"VCID-6rcq-qxef-nuf7","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0229","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52842","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5281","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52821","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52783","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52728","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55137","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55158","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55161","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.5512","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55095","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256690","reference_id":"2256690","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256690"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-0229","reference_id":"CVE-2024-0229","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-0229"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943723?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-0229"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rcq-qxef-nuf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59269?format=json","vulnerability_id":"VCID-7nax-5yw9-eye8","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26599.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26599","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345253","reference_id":"2345253","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345253"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26599","reference_id":"CVE-2025-26599","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26599"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26599"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7nax-5yw9-eye8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41832?format=json","vulnerability_id":"VCID-9cjy-6fj5-r7ag","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31081.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31081.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31081","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3097","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3105","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30901","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31488","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31517","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31456","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31255","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271998","reference_id":"2271998","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271998"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-31081","reference_id":"CVE-2024-31081","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-31081"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1785","reference_id":"RHSA-2024:1785","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2036","reference_id":"RHSA-2024:2036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2037","reference_id":"RHSA-2024:2037","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2038","reference_id":"RHSA-2024:2038","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2039","reference_id":"RHSA-2024:2039","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2040","reference_id":"RHSA-2024:2040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2041","reference_id":"RHSA-2024:2041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2042","reference_id":"RHSA-2024:2042","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2080","reference_id":"RHSA-2024:2080","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2616","reference_id":"RHSA-2024:2616","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3258","reference_id":"RHSA-2024:3258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3261","reference_id":"RHSA-2024:3261","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3343","reference_id":"RHSA-2024:3343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9093","reference_id":"RHSA-2024:9093","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9122","reference_id":"RHSA-2024:9122","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6721-1/","reference_id":"USN-6721-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6721-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943724?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-31081"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9cjy-6fj5-r7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46302?format=json","vulnerability_id":"VCID-a4bk-m98g-93f8","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46344.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46344.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46344","reference_id":"","reference_type":"","scores":[{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75711","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75742","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75721","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75756","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75767","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00908","scoring_system":"epss","scoring_elements":"0.75772","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0091","scoring_system":"epss","scoring_elements":"0.75935","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0091","scoring_system":"epss","scoring_elements":"0.75906","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76622","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.7661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76648","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76661","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76643","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00966","scoring_system":"epss","scoring_elements":"0.76618","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46344"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071","reference_id":"1026071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151760","reference_id":"2151760","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151760"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0045","reference_id":"RHSA-2023:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0046","reference_id":"RHSA-2023:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2257","reference_id":"RHSA-2023:2257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2830","reference_id":"RHSA-2023:2830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-1/","reference_id":"USN-5778-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-1/"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943719?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-46344"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-a4bk-m98g-93f8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51244?format=json","vulnerability_id":"VCID-bv8h-xa48-hbh7","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2319.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2319.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2319","reference_id":"","reference_type":"","scores":[{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10274","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10182","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10126","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10222","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10287","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10183","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10257","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10319","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10349","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10308","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10289","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10164","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10138","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10269","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10249","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00035","scoring_system":"epss","scoring_elements":"0.10237","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903","reference_id":"1014903","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106671","reference_id":"2106671","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106671"},{"reference_url":"https://security.archlinux.org/AVG-2770","reference_id":"AVG-2770","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2770"},{"reference_url":"https://security.gentoo.org/glsa/202210-30","reference_id":"GLSA-202210-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5905","reference_id":"RHSA-2022:5905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7583","reference_id":"RHSA-2022:7583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8221","reference_id":"RHSA-2022:8221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8222","reference_id":"RHSA-2022:8222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8222"},{"reference_url":"https://usn.ubuntu.com/5510-1/","reference_id":"USN-5510-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5510-1/"},{"reference_url":"https://usn.ubuntu.com/5510-2/","reference_id":"USN-5510-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5510-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943717?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2319"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bv8h-xa48-hbh7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46294?format=json","vulnerability_id":"VCID-bvay-s9w4-muf8","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3551.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3551.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3551","reference_id":"","reference_type":"","scores":[{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73079","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73099","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73073","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73109","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73123","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73148","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73127","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73121","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73164","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73174","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73165","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73201","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73214","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73213","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73206","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00749","scoring_system":"epss","scoring_elements":"0.73233","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3551"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140701","reference_id":"2140701","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140701"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8491","reference_id":"RHSA-2022:8491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://usn.ubuntu.com/5740-1/","reference_id":"USN-5740-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5740-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943718?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3551"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-bvay-s9w4-muf8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46297?format=json","vulnerability_id":"VCID-e7w3-3hpm-hbec","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4283.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-4283.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4283","reference_id":"","reference_type":"","scores":[{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38712","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39121","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39144","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39063","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39118","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39135","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39146","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39109","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.39089","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00176","scoring_system":"epss","scoring_elements":"0.38638","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40362","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40477","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40375","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40281","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40585","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00187","scoring_system":"epss","scoring_elements":"0.40554","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071","reference_id":"1026071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151761","reference_id":"2151761","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151761"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","reference_id":"5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-4283","reference_id":"CVE-2022-4283","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-4283"},{"reference_url":"https://www.debian.org/security/2022/dsa-5304","reference_id":"dsa-5304","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://www.debian.org/security/2022/dsa-5304"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","reference_id":"DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0045","reference_id":"RHSA-2023:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0046","reference_id":"RHSA-2023:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2257","reference_id":"RHSA-2023:2257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2830","reference_id":"RHSA-2023:2830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-1/","reference_id":"USN-5778-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-1/"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","reference_id":"Z67QC4C3I2FI2WRFIUPEHKC36J362MLA","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-14T15:16:33Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943719?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-4283"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e7w3-3hpm-hbec"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66662?format=json","vulnerability_id":"VCID-e9px-edn1-tufs","summary":"xorg: xmayland: Use-after-free in XPresentNotify structure creation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62229.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62229.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62229","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01112","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01109","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01118","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01124","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01589","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02746","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02615","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02716","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02703","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02758","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0273","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02664","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0264","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02624","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02607","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html","reference_id":"003635.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402649","reference_id":"2402649","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62229","reference_id":"CVE-2025-62229","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19432","reference_id":"RHSA-2025:19432","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19433","reference_id":"RHSA-2025:19433","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19434","reference_id":"RHSA-2025:19434","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19435","reference_id":"RHSA-2025:19435","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19489","reference_id":"RHSA-2025:19489","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19623","reference_id":"RHSA-2025:19623","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19909","reference_id":"RHSA-2025:19909","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20958","reference_id":"RHSA-2025:20958","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20960","reference_id":"RHSA-2025:20960","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20961","reference_id":"RHSA-2025:20961","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21035","reference_id":"RHSA-2025:21035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22040","reference_id":"RHSA-2025:22040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22041","reference_id":"RHSA-2025:22041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22051","reference_id":"RHSA-2025:22051","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22055","reference_id":"RHSA-2025:22055","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22056","reference_id":"RHSA-2025:22056","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22077","reference_id":"RHSA-2025:22077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22096","reference_id":"RHSA-2025:22096","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22164","reference_id":"RHSA-2025:22164","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22167","reference_id":"RHSA-2025:22167","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22364","reference_id":"RHSA-2025:22364","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22365","reference_id":"RHSA-2025:22365","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22426","reference_id":"RHSA-2025:22426","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22427","reference_id":"RHSA-2025:22427","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22667","reference_id":"RHSA-2025:22667","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22729","reference_id":"RHSA-2025:22729","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22742","reference_id":"RHSA-2025:22742","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22753","reference_id":"RHSA-2025:22753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0031","reference_id":"RHSA-2026:0031","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0033","reference_id":"RHSA-2026:0033","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0034","reference_id":"RHSA-2026:0034","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0035","reference_id":"RHSA-2026:0035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0036","reference_id":"RHSA-2026:0036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0036"},{"reference_url":"https://usn.ubuntu.com/7846-1/","reference_id":"USN-7846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-62229"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9px-edn1-tufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/51245?format=json","vulnerability_id":"VCID-em7x-adw1-tyaz","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2320.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-2320.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2320","reference_id":"","reference_type":"","scores":[{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18267","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18318","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18181","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18692","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18747","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18463","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18543","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18596","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18599","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18552","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18499","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18441","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.1845","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18471","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18374","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00059","scoring_system":"epss","scoring_elements":"0.18358","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-2320"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2319"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2320"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903","reference_id":"1014903","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1014903"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106683","reference_id":"2106683","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2106683"},{"reference_url":"https://security.archlinux.org/AVG-2770","reference_id":"AVG-2770","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2770"},{"reference_url":"https://security.gentoo.org/glsa/202210-30","reference_id":"GLSA-202210-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202210-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:5905","reference_id":"RHSA-2022:5905","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:5905"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:7583","reference_id":"RHSA-2022:7583","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:7583"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8221","reference_id":"RHSA-2022:8221","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8221"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8222","reference_id":"RHSA-2022:8222","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8222"},{"reference_url":"https://usn.ubuntu.com/5510-1/","reference_id":"USN-5510-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5510-1/"},{"reference_url":"https://usn.ubuntu.com/5510-2/","reference_id":"USN-5510-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5510-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943717?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-2320"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-em7x-adw1-tyaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46289?format=json","vulnerability_id":"VCID-fcac-qzvs-rfa8","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4010.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4010.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4010","reference_id":"","reference_type":"","scores":[{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23318","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23122","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23154","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23145","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23039","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23492","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23528","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23312","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23384","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23435","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23455","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23417","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23362","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.2338","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23375","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23355","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00079","scoring_system":"epss","scoring_elements":"0.23164","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026073","reference_id":"2026073","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026073"},{"reference_url":"https://security.archlinux.org/AVG-2636","reference_id":"AVG-2636","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2636"},{"reference_url":"https://security.archlinux.org/AVG-2640","reference_id":"AVG-2640","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2640"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0003","reference_id":"RHSA-2022:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1917","reference_id":"RHSA-2022:1917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1917"},{"reference_url":"https://usn.ubuntu.com/5193-1/","reference_id":"USN-5193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943714?format=json","purl":"pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2021-4010"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fcac-qzvs-rfa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49330?format=json","vulnerability_id":"VCID-fgnr-h7rm-83d4","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0409","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03143","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03005","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03124","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03114","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03158","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03117","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04875","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04852","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04757","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04803","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0482","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04858","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0478","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257690","reference_id":"2257690","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257690"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-0409","reference_id":"CVE-2024-0409","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-0409"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943723?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-0409"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgnr-h7rm-83d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59273?format=json","vulnerability_id":"VCID-hkrr-v71f-xqdb","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26601.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26601","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345251","reference_id":"2345251","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345251"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26601","reference_id":"CVE-2025-26601","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26601"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26601"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkrr-v71f-xqdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267379?format=json","vulnerability_id":"VCID-hxab-xyu1-xkgc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34000.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34000","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01843","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34000"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451107","reference_id":"2451107","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T18:51:27Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451107"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34000","reference_id":"CVE-2026-34000","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T18:51:27Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34000"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2026-34000"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxab-xyu1-xkgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49332?format=json","vulnerability_id":"VCID-j6qd-r6ua-cfbm","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21886","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46906","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46969","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49319","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49296","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4925","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21886"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256542","reference_id":"2256542","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256542"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-21886","reference_id":"CVE-2024-21886","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-21886"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943723?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21886"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6qd-r6ua-cfbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46299?format=json","vulnerability_id":"VCID-jrx7-pbf3-h3at","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46341.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46341.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46341","reference_id":"","reference_type":"","scores":[{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78154","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78128","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78113","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78096","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78083","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01112","scoring_system":"epss","scoring_elements":"0.7828","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01112","scoring_system":"epss","scoring_elements":"0.78254","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78774","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78827","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.7881","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78802","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.7878","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78778","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071","reference_id":"1026071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151756","reference_id":"2151756","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151756"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","reference_id":"5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-46341","reference_id":"CVE-2022-46341","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-46341"},{"reference_url":"https://www.debian.org/security/2022/dsa-5304","reference_id":"dsa-5304","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://www.debian.org/security/2022/dsa-5304"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","reference_id":"DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0045","reference_id":"RHSA-2023:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0046","reference_id":"RHSA-2023:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2257","reference_id":"RHSA-2023:2257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2830","reference_id":"RHSA-2023:2830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-1/","reference_id":"USN-5778-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-1/"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","reference_id":"Z67QC4C3I2FI2WRFIUPEHKC36J362MLA","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:53:14Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943719?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-46341"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jrx7-pbf3-h3at"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41830?format=json","vulnerability_id":"VCID-juet-bb4m-hkhq","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9632.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9632","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17597","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17692","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17648","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17505","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17895","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17866","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17817","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17759","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17769","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17807","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17716","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244","reference_id":"1086244","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086245","reference_id":"1086245","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086245"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317233","reference_id":"2317233","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317233"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-9632","reference_id":"CVE-2024-9632","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-9632"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10090","reference_id":"RHSA-2024:10090","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8798","reference_id":"RHSA-2024:8798","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:8798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9540","reference_id":"RHSA-2024:9540","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9579","reference_id":"RHSA-2024:9579","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9601","reference_id":"RHSA-2024:9601","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9690","reference_id":"RHSA-2024:9690","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9816","reference_id":"RHSA-2024:9816","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9818","reference_id":"RHSA-2024:9818","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9819","reference_id":"RHSA-2024:9819","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9820","reference_id":"RHSA-2024:9820","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9901","reference_id":"RHSA-2024:9901","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7085-1/","reference_id":"USN-7085-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7085-1/"},{"reference_url":"https://usn.ubuntu.com/7085-2/","reference_id":"USN-7085-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7085-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943725?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-9632"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-juet-bb4m-hkhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46292?format=json","vulnerability_id":"VCID-m2hp-k4c4-m3db","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3550.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3550.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3550","reference_id":"","reference_type":"","scores":[{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61403","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61431","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61401","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61448","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61464","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61485","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61471","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61453","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61492","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61496","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.6148","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61467","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61484","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61479","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.6143","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00412","scoring_system":"epss","scoring_elements":"0.61478","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3550"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3551"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140698","reference_id":"2140698","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2140698"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:8491","reference_id":"RHSA-2022:8491","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:8491"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://usn.ubuntu.com/5740-1/","reference_id":"USN-5740-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5740-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943718?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-3550"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m2hp-k4c4-m3db"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69418?format=json","vulnerability_id":"VCID-may9-9sdj-cbbd","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49177.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49177","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09301","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09325","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09409","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09377","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09389","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24796","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24995","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24987","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24897","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24886","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24843","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2472","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24983","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49177"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369955","reference_id":"2369955","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369955"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96b1c701c3bb47617d965522c34befa6af","reference_id":"ab02fb96b1c701c3bb47617d965522c34befa6af","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96b1c701c3bb47617d965522c34befa6af"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49177","reference_id":"CVE-2025-49177","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943726?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-49177"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-may9-9sdj-cbbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41831?format=json","vulnerability_id":"VCID-p1tf-2c6u-tygr","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31080.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31080.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31080","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3097","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3105","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30901","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31488","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31517","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31456","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31255","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271997","reference_id":"2271997","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271997"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-31080","reference_id":"CVE-2024-31080","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-31080"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1785","reference_id":"RHSA-2024:1785","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2036","reference_id":"RHSA-2024:2036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2037","reference_id":"RHSA-2024:2037","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2038","reference_id":"RHSA-2024:2038","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2039","reference_id":"RHSA-2024:2039","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2040","reference_id":"RHSA-2024:2040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2041","reference_id":"RHSA-2024:2041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2042","reference_id":"RHSA-2024:2042","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2080","reference_id":"RHSA-2024:2080","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2616","reference_id":"RHSA-2024:2616","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3258","reference_id":"RHSA-2024:3258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3261","reference_id":"RHSA-2024:3261","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3343","reference_id":"RHSA-2024:3343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9093","reference_id":"RHSA-2024:9093","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9122","reference_id":"RHSA-2024:9122","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6721-1/","reference_id":"USN-6721-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6721-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943724?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-31080"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1tf-2c6u-tygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267382?format=json","vulnerability_id":"VCID-pa9n-ntq3-jqaz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34003.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34003","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0169","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01962","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01698","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451113","reference_id":"2451113","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451113"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34003","reference_id":"CVE-2026-34003","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10739","reference_id":"RHSA-2026:10739","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11352","reference_id":"RHSA-2026:11352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11369","reference_id":"RHSA-2026:11369","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11388","reference_id":"RHSA-2026:11388","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11656","reference_id":"RHSA-2026:11656","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11692","reference_id":"RHSA-2026:11692","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13414","reference_id":"RHSA-2026:13414","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:13414"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2026-34003"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pa9n-ntq3-jqaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49327?format=json","vulnerability_id":"VCID-phkz-t2yr-m7em","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6816","reference_id":"","reference_type":"","scores":[{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86643","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86642","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86682","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86664","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87105","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87143","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87156","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87163","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87167","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257691","reference_id":"2257691","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257691"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-6816","reference_id":"CVE-2023-6816","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-6816"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943723?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6816"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-phkz-t2yr-m7em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59262?format=json","vulnerability_id":"VCID-qwqu-19wq-1ke8","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26594.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26594.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26594","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345248","reference_id":"2345248","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345248"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26594","reference_id":"CVE-2025-26594","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26594"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-26594"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwqu-19wq-1ke8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69420?format=json","vulnerability_id":"VCID-s7xs-zcxk-nyc7","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49179.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49179","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18079","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35657","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3612","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36105","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36051","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3582","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35787","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.357","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35586","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36079","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369978","reference_id":"2369978","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369978"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4","reference_id":"2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49179","reference_id":"CVE-2025-49179","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943726?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-49179"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7xs-zcxk-nyc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69416?format=json","vulnerability_id":"VCID-sfgy-e6d6-f3fd","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49175.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49175.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49175","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.3876","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39118","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38909","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38891","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38812","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38687","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44852","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44898","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee","reference_id":"0885e0b26225c90534642fe911632ec0779eebee","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024","reference_id":"2024","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369947","reference_id":"2369947","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369947"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49175","reference_id":"CVE-2025-49175","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943726?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-49175"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfgy-e6d6-f3fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66663?format=json","vulnerability_id":"VCID-sx54-5s5r-ckg2","summary":"xorg: xwayland: Use-after-free in Xkb client resource removal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62230.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62230","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01954","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01955","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01939","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01913","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01983","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01962","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0197","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00898","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0089","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00892","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00895","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html","reference_id":"003635.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402653","reference_id":"2402653","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402653"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62230","reference_id":"CVE-2025-62230","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19432","reference_id":"RHSA-2025:19432","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19433","reference_id":"RHSA-2025:19433","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19434","reference_id":"RHSA-2025:19434","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19435","reference_id":"RHSA-2025:19435","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19489","reference_id":"RHSA-2025:19489","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19623","reference_id":"RHSA-2025:19623","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19909","reference_id":"RHSA-2025:19909","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20958","reference_id":"RHSA-2025:20958","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20960","reference_id":"RHSA-2025:20960","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20961","reference_id":"RHSA-2025:20961","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21035","reference_id":"RHSA-2025:21035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22040","reference_id":"RHSA-2025:22040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22041","reference_id":"RHSA-2025:22041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22051","reference_id":"RHSA-2025:22051","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22055","reference_id":"RHSA-2025:22055","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22056","reference_id":"RHSA-2025:22056","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22077","reference_id":"RHSA-2025:22077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22096","reference_id":"RHSA-2025:22096","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22164","reference_id":"RHSA-2025:22164","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22167","reference_id":"RHSA-2025:22167","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22364","reference_id":"RHSA-2025:22364","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22365","reference_id":"RHSA-2025:22365","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22426","reference_id":"RHSA-2025:22426","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22427","reference_id":"RHSA-2025:22427","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22667","reference_id":"RHSA-2025:22667","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22729","reference_id":"RHSA-2025:22729","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22742","reference_id":"RHSA-2025:22742","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22753","reference_id":"RHSA-2025:22753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0031","reference_id":"RHSA-2026:0031","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0033","reference_id":"RHSA-2026:0033","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0034","reference_id":"RHSA-2026:0034","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0035","reference_id":"RHSA-2026:0035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0036","reference_id":"RHSA-2026:0036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0036"},{"reference_url":"https://usn.ubuntu.com/7846-1/","reference_id":"USN-7846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-62230"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sx54-5s5r-ckg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66664?format=json","vulnerability_id":"VCID-t1cy-srre-nkbp","summary":"xorg: xmayland: Value overflow in XkbSetCompatMap()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62231.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62231","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01954","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01955","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01939","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01913","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01983","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01962","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0197","published_at":"2026-04-09T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00898","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0089","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00892","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00895","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html","reference_id":"003635.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402660","reference_id":"2402660","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402660"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62231","reference_id":"CVE-2025-62231","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19432","reference_id":"RHSA-2025:19432","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19433","reference_id":"RHSA-2025:19433","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19434","reference_id":"RHSA-2025:19434","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19435","reference_id":"RHSA-2025:19435","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19489","reference_id":"RHSA-2025:19489","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19623","reference_id":"RHSA-2025:19623","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19909","reference_id":"RHSA-2025:19909","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20958","reference_id":"RHSA-2025:20958","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20960","reference_id":"RHSA-2025:20960","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20961","reference_id":"RHSA-2025:20961","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21035","reference_id":"RHSA-2025:21035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22040","reference_id":"RHSA-2025:22040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22041","reference_id":"RHSA-2025:22041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22051","reference_id":"RHSA-2025:22051","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22055","reference_id":"RHSA-2025:22055","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22056","reference_id":"RHSA-2025:22056","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22077","reference_id":"RHSA-2025:22077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22096","reference_id":"RHSA-2025:22096","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22164","reference_id":"RHSA-2025:22164","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22167","reference_id":"RHSA-2025:22167","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22364","reference_id":"RHSA-2025:22364","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22365","reference_id":"RHSA-2025:22365","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22426","reference_id":"RHSA-2025:22426","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22427","reference_id":"RHSA-2025:22427","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22667","reference_id":"RHSA-2025:22667","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22729","reference_id":"RHSA-2025:22729","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22742","reference_id":"RHSA-2025:22742","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22753","reference_id":"RHSA-2025:22753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0031","reference_id":"RHSA-2026:0031","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0033","reference_id":"RHSA-2026:0033","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0034","reference_id":"RHSA-2026:0034","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0035","reference_id":"RHSA-2026:0035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0036","reference_id":"RHSA-2026:0036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0036"},{"reference_url":"https://usn.ubuntu.com/7846-1/","reference_id":"USN-7846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-62231"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1cy-srre-nkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49325?format=json","vulnerability_id":"VCID-trsp-u7xt-a3ck","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6377.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6377.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6377","reference_id":"","reference_type":"","scores":[{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59402","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59354","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60023","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60018","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60036","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61455","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61441","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61461","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61465","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61418","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61434","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61372","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61374","published_at":"2026-04-02T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253291","reference_id":"2253291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253291"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7886","reference_id":"RHSA-2023:7886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0006","reference_id":"RHSA-2024:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0009","reference_id":"RHSA-2024:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0014","reference_id":"RHSA-2024:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0015","reference_id":"RHSA-2024:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0016","reference_id":"RHSA-2024:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0017","reference_id":"RHSA-2024:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0018","reference_id":"RHSA-2024:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0020","reference_id":"RHSA-2024:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13998","reference_id":"RHSA-2025:13998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13998"},{"reference_url":"https://usn.ubuntu.com/6555-1/","reference_id":"USN-6555-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-1/"},{"reference_url":"https://usn.ubuntu.com/6555-2/","reference_id":"USN-6555-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943722?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6377"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-trsp-u7xt-a3ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49323?format=json","vulnerability_id":"VCID-un9v-4svv-2baj","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5367","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20146","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19985","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19927","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19905","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19909","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19906","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19799","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19794","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19764","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19674","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.1975","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243091","reference_id":"2243091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243091"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6802","reference_id":"RHSA-2023:6802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6808","reference_id":"RHSA-2023:6808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7373","reference_id":"RHSA-2023:7373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7388","reference_id":"RHSA-2023:7388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7405","reference_id":"RHSA-2023:7405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7428","reference_id":"RHSA-2023:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7436","reference_id":"RHSA-2023:7436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7526","reference_id":"RHSA-2023:7526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7533","reference_id":"RHSA-2023:7533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0128","reference_id":"RHSA-2024:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6453-1/","reference_id":"USN-6453-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-1/"},{"reference_url":"https://usn.ubuntu.com/6453-2/","reference_id":"USN-6453-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943721?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2023-5367"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un9v-4svv-2baj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46301?format=json","vulnerability_id":"VCID-uxsy-k3cg-mkdd","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46343.json","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46343.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46343","reference_id":"","reference_type":"","scores":[{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78136","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78154","published_at":"2026-04-11T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78128","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78122","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78113","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78096","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78083","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01109","scoring_system":"epss","scoring_elements":"0.78132","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01112","scoring_system":"epss","scoring_elements":"0.7828","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01112","scoring_system":"epss","scoring_elements":"0.78254","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78802","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78778","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78827","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.7881","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.78774","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01181","scoring_system":"epss","scoring_elements":"0.7878","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071","reference_id":"1026071","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151758","reference_id":"2151758","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2151758"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/","reference_id":"5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5NELB7YDWRABYYBG4UPTHRBDTKJRV5M2/"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2022-46343","reference_id":"CVE-2022-46343","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2022-46343"},{"reference_url":"https://www.debian.org/security/2022/dsa-5304","reference_id":"dsa-5304","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://www.debian.org/security/2022/dsa-5304"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/","reference_id":"DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DXDF2O5PPLE3SVAJJYUOSAD5QZ4TWQ2G/"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0045","reference_id":"RHSA-2023:0045","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0045"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0046","reference_id":"RHSA-2023:0046","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0046"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2257","reference_id":"RHSA-2023:2257","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2257"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2830","reference_id":"RHSA-2023:2830","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2830"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-1/","reference_id":"USN-5778-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-1/"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/","reference_id":"Z67QC4C3I2FI2WRFIUPEHKC36J362MLA","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-22T15:13:50Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z67QC4C3I2FI2WRFIUPEHKC36J362MLA/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943719?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2022-46343"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"7.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uxsy-k3cg-mkdd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49331?format=json","vulnerability_id":"VCID-v9p1-8sb6-9ufr","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21885","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46906","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46969","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49319","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49296","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4925","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256540","reference_id":"2256540","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256540"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-21885","reference_id":"CVE-2024-21885","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-21885"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943723?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2024-21885"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9p1-8sb6-9ufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46303?format=json","vulnerability_id":"VCID-wh9v-35ju-vbcb","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0494.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-0494.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0494","reference_id":"","reference_type":"","scores":[{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69776","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69816","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69792","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69768","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69831","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69854","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69839","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00613","scoring_system":"epss","scoring_elements":"0.69824","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72304","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72332","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72361","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72295","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72336","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72345","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00711","scoring_system":"epss","scoring_elements":"0.72341","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-0494"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0494","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0494"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2023-February/003320.html","reference_id":"003320.html","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2023-February/003320.html"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec","reference_id":"0ba6d8c37071131a49790243cdac55392ecf71ec","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/0ba6d8c37071131a49790243cdac55392ecf71ec"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030777","reference_id":"1030777","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030777"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2165995","reference_id":"2165995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2165995"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-24T17:41:52Z/"}],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0622","reference_id":"RHSA-2023:0622","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0622"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0623","reference_id":"RHSA-2023:0623","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0662","reference_id":"RHSA-2023:0662","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0662"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0663","reference_id":"RHSA-2023:0663","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0663"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0664","reference_id":"RHSA-2023:0664","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0664"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0665","reference_id":"RHSA-2023:0665","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0665"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0671","reference_id":"RHSA-2023:0671","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0671"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:0675","reference_id":"RHSA-2023:0675","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:0675"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2248","reference_id":"RHSA-2023:2248","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2248"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2249","reference_id":"RHSA-2023:2249","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2249"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2805","reference_id":"RHSA-2023:2805","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2805"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:2806","reference_id":"RHSA-2023:2806","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:2806"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/5778-2/","reference_id":"USN-5778-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5778-2/"},{"reference_url":"https://usn.ubuntu.com/5846-1/","reference_id":"USN-5846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943720?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2023-0494"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wh9v-35ju-vbcb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46305?format=json","vulnerability_id":"VCID-wp8b-r6p1-7kcf","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1393.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-1393.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1393","reference_id":"","reference_type":"","scores":[{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23801","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23662","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.2365","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23706","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23749","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23734","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23687","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23841","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0008","scoring_system":"epss","scoring_elements":"0.23618","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25811","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.26007","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25972","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25912","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25908","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.2586","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00093","scoring_system":"epss","scoring_elements":"0.25753","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-1393"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1393","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1393"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://www.openwall.com/lists/oss-security/2023/03/29/1","reference_id":"1","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://www.openwall.com/lists/oss-security/2023/03/29/1"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2180288","reference_id":"2180288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2180288"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110","reference_id":"26ef545b3502f61ca722a7a3373507e88ef64110","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/26ef545b3502f61ca722a7a3373507e88ef64110"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/","reference_id":"BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BPNQYHUI63DB5FHK6EOI3Z4C6YQZGZKI/"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/","reference_id":"H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/H3EVO3OQV6T4BSABWZ2TU3PY5TJTEQZ2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/","reference_id":"MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MEHSYYFGBN3G4RS2HJXKQ5NBMOAZ5F2F/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/","reference_id":"NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NOYATGGPMT3COC7ELAJW5TG2PVS3AFR2/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/","reference_id":"PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PSAAGI5V77FQXIT5PP4URP6BYQVCK5U5/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/","reference_id":"QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QHJMSMK7G4GPLMKIGKXIOL2RTKU5VFWE/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1548","reference_id":"RHSA-2023:1548","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1548"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1549","reference_id":"RHSA-2023:1549","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1549"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1551","reference_id":"RHSA-2023:1551","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1551"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1592","reference_id":"RHSA-2023:1592","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1592"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1594","reference_id":"RHSA-2023:1594","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1594"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1598","reference_id":"RHSA-2023:1598","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1598"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1599","reference_id":"RHSA-2023:1599","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1599"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:1600","reference_id":"RHSA-2023:1600","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:1600"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6340","reference_id":"RHSA-2023:6340","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6340"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6341","reference_id":"RHSA-2023:6341","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6341"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6916","reference_id":"RHSA-2023:6916","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6916"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6917","reference_id":"RHSA-2023:6917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6917"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/","reference_id":"SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SW2NRC3V53PIBXFPFBVWCOM2MDDILWQS/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/","reference_id":"SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-14T15:42:21Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SWFUDSBSABRHQOX6TIQ5O3SNPFTPFQQP/"},{"reference_url":"https://usn.ubuntu.com/5986-1/","reference_id":"USN-5986-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5986-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2023-1393"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wp8b-r6p1-7kcf"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69417?format=json","vulnerability_id":"VCID-wyuw-13t9-rbg1","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49176.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49176.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49176","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44631","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44852","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44898","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44832","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44752","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44561","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9","reference_id":"03731b326a80b582e48d939fe62cb1e2b10400d9","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108073","reference_id":"1108073","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108073"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369954","reference_id":"2369954","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369954"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1","reference_id":"4fc4d76b2c7aaed61ed2653f997783a3714c4fe1","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49176","reference_id":"CVE-2025-49176","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943726?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2025-49176"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyuw-13t9-rbg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267378?format=json","vulnerability_id":"VCID-wzer-jnm3-rqa8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33999.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33999.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33999","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01565","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01781","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01776","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01819","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01571","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451106","reference_id":"2451106","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-33999","reference_id":"CVE-2026-33999","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-33999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10739","reference_id":"RHSA-2026:10739","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11352","reference_id":"RHSA-2026:11352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11369","reference_id":"RHSA-2026:11369","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11388","reference_id":"RHSA-2026:11388","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11656","reference_id":"RHSA-2026:11656","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11692","reference_id":"RHSA-2026:11692","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13414","reference_id":"RHSA-2026:13414","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:13414"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2026-33999"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzer-jnm3-rqa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267380?format=json","vulnerability_id":"VCID-x3dk-fny6-fqa5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34001.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34001.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34001","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02661","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02741","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02643","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03012","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451109","reference_id":"2451109","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451109"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34001","reference_id":"CVE-2026-34001","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10739","reference_id":"RHSA-2026:10739","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11352","reference_id":"RHSA-2026:11352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11369","reference_id":"RHSA-2026:11369","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11388","reference_id":"RHSA-2026:11388","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11656","reference_id":"RHSA-2026:11656","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11692","reference_id":"RHSA-2026:11692","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13414","reference_id":"RHSA-2026:13414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13414"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2026-34001"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3dk-fny6-fqa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49326?format=json","vulnerability_id":"VCID-x3p6-a59z-ebf3","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6478.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6478","reference_id":"","reference_type":"","scores":[{"value":"0.00958","scoring_system":"epss","scoring_elements":"0.76482","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78283","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78257","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01143","scoring_system":"epss","scoring_elements":"0.78499","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01143","scoring_system":"epss","scoring_elements":"0.78506","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01143","scoring_system":"epss","scoring_elements":"0.78521","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78996","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78971","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78999","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.7893","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78966","published_at":"2026-04-08T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78972","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78941","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253298","reference_id":"2253298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253298"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7886","reference_id":"RHSA-2023:7886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0006","reference_id":"RHSA-2024:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0009","reference_id":"RHSA-2024:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0014","reference_id":"RHSA-2024:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0015","reference_id":"RHSA-2024:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0016","reference_id":"RHSA-2024:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0017","reference_id":"RHSA-2024:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0018","reference_id":"RHSA-2024:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0020","reference_id":"RHSA-2024:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6555-1/","reference_id":"USN-6555-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-1/"},{"reference_url":"https://usn.ubuntu.com/6555-2/","reference_id":"USN-6555-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943722?format=json","purl":"pkg:deb/debian/xwayland@2:23.2.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:23.2.3-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2023-6478"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3p6-a59z-ebf3"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/46287?format=json","vulnerability_id":"VCID-zhdy-8stm-q3ey","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4009.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-4009.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4009","reference_id":"","reference_type":"","scores":[{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25795","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25503","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25596","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25546","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25436","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25855","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25898","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.2567","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25741","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25789","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25799","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25757","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25699","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25702","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25684","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25661","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00091","scoring_system":"epss","scoring_elements":"0.25604","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-4009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4008"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4009"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4010"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4011"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026072","reference_id":"2026072","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2026072"},{"reference_url":"https://security.archlinux.org/AVG-2636","reference_id":"AVG-2636","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2636"},{"reference_url":"https://security.archlinux.org/AVG-2640","reference_id":"AVG-2640","reference_type":"","scores":[{"value":"High","scoring_system":"archlinux","scoring_elements":""}],"url":"https://security.archlinux.org/AVG-2640"},{"reference_url":"https://security.gentoo.org/glsa/202305-30","reference_id":"GLSA-202305-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202305-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:0003","reference_id":"RHSA-2022:0003","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:0003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2022:1917","reference_id":"RHSA-2022:1917","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2022:1917"},{"reference_url":"https://usn.ubuntu.com/5193-1/","reference_id":"USN-5193-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-1/"},{"reference_url":"https://usn.ubuntu.com/5193-2/","reference_id":"USN-5193-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-2/"},{"reference_url":"https://usn.ubuntu.com/5193-3/","reference_id":"USN-5193-3","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/5193-3/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/943714?format=json","purl":"pkg:deb/debian/xwayland@2:21.1.4-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:21.1.4-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943713?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-1pcv-f5h3-9fe9"},{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-37e1-pzxj-2fdt"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-41cd-s77z-6bcc"},{"vulnerability":"VCID-4ngr-6ccu-r7fv"},{"vulnerability":"VCID-515f-a8yj-4fej"},{"vulnerability":"VCID-5awx-j7z7-qyak"},{"vulnerability":"VCID-6hwh-7tvr-sqgn"},{"vulnerability":"VCID-6rcq-qxef-nuf7"},{"vulnerability":"VCID-7nax-5yw9-eye8"},{"vulnerability":"VCID-9cjy-6fj5-r7ag"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-fgnr-h7rm-83d4"},{"vulnerability":"VCID-hkrr-v71f-xqdb"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-j6qd-r6ua-cfbm"},{"vulnerability":"VCID-juet-bb4m-hkhq"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-p1tf-2c6u-tygr"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-phkz-t2yr-m7em"},{"vulnerability":"VCID-qwqu-19wq-1ke8"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-trsp-u7xt-a3ck"},{"vulnerability":"VCID-un9v-4svv-2baj"},{"vulnerability":"VCID-v9p1-8sb6-9ufr"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"},{"vulnerability":"VCID-x3p6-a59z-ebf3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943716?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/943715?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1067653?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081589?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}],"aliases":["CVE-2021-4009"],"risk_score":4.0,"exploitability":"0.5","weighted_severity":"8.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-zhdy-8stm-q3ey"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1%3Fdistro=trixie"}