{"url":"http://public2.vulnerablecode.io/api/packages/994452?format=json","purl":"pkg:deb/debian/xwayland@2:22.1.9-1","type":"deb","namespace":"debian","name":"xwayland","version":"2:22.1.9-1","qualifiers":{},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":"2:24.1.11-1","latest_non_vulnerable_version":"2:24.1.11-1","affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59264?format=json","vulnerability_id":"VCID-1pcv-f5h3-9fe9","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26595.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26595.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26595","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26595"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26595"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345257","reference_id":"2345257","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345257"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26595","reference_id":"CVE-2025-26595","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26595"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:05:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26595"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1pcv-f5h3-9fe9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69421?format=json","vulnerability_id":"VCID-2cp3-p3yx-17be","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49180.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49180.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49180","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18079","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30915","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30834","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30842","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.31292","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.3112","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30998","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00122","scoring_system":"epss","scoring_elements":"0.30765","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34558","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00147","scoring_system":"epss","scoring_elements":"0.34584","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36105","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36079","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3612","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49180"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49180"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369981","reference_id":"2369981","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369981"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947ea7f4f88e10ec6","reference_id":"3c3a4b767b16174d3213055947ea7f4f88e10ec6","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/3c3a4b767b16174d3213055947ea7f4f88e10ec6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49180","reference_id":"CVE-2025-49180","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49180"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:36:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-49180"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2cp3-p3yx-17be"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69419?format=json","vulnerability_id":"VCID-2vrb-n6cc-c7bc","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49178.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49178.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49178","reference_id":"","reference_type":"","scores":[{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21881","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21634","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21711","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21768","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.2178","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00071","scoring_system":"epss","scoring_elements":"0.21741","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00076","scoring_system":"epss","scoring_elements":"0.22897","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4076","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40618","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40691","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4071","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40844","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4095","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40857","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41013","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41056","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.41027","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45545","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00229","scoring_system":"epss","scoring_elements":"0.45571","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49178"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49178"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369977","reference_id":"2369977","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369977"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49178","reference_id":"CVE-2025-49178","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49178"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2","reference_id":"d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/d55c54cecb5e83eaa2d56bed5cc4461f9ba318c2"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:05:17Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-49178"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2vrb-n6cc-c7bc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59267?format=json","vulnerability_id":"VCID-37e1-pzxj-2fdt","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26598.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26598.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26598","reference_id":"","reference_type":"","scores":[{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06135","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06177","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06165","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06123","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06106","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06148","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00023","scoring_system":"epss","scoring_elements":"0.06185","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08785","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08866","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.09005","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00031","scoring_system":"epss","scoring_elements":"0.08934","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09209","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09164","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09153","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11087","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.11043","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20468","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00066","scoring_system":"epss","scoring_elements":"0.20528","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26598"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26598"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345254","reference_id":"2345254","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345254"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26598","reference_id":"CVE-2025-26598","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26598"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:24:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26598"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-37e1-pzxj-2fdt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267381?format=json","vulnerability_id":"VCID-3f4a-m4rt-qqej","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34002.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34002.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34002","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01843","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07403","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0828","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0831","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34002"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34002","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34002"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451112","reference_id":"2451112","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:27:00Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451112"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34002","reference_id":"CVE-2026-34002","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-06T14:27:00Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34002"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2026-34002"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3f4a-m4rt-qqej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59265?format=json","vulnerability_id":"VCID-41cd-s77z-6bcc","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26596.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26596.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26596","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26596"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26596"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345256","reference_id":"2345256","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345256"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26596","reference_id":"CVE-2025-26596","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26596"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T17:14:01Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26596"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-41cd-s77z-6bcc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41834?format=json","vulnerability_id":"VCID-4ngr-6ccu-r7fv","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31083.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31083.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31083","reference_id":"","reference_type":"","scores":[{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26026","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26124","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2612","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26069","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2596","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26024","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.2608","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00094","scoring_system":"epss","scoring_elements":"0.26009","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27995","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27952","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27893","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27902","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27841","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27884","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27951","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.27992","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28048","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00101","scoring_system":"epss","scoring_elements":"0.28089","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31083"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272000","reference_id":"2272000","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2272000"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-31083","reference_id":"CVE-2024-31083","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-31083"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1785","reference_id":"RHSA-2024:1785","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2036","reference_id":"RHSA-2024:2036","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2037","reference_id":"RHSA-2024:2037","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2038","reference_id":"RHSA-2024:2038","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2039","reference_id":"RHSA-2024:2039","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2040","reference_id":"RHSA-2024:2040","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2041","reference_id":"RHSA-2024:2041","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2042","reference_id":"RHSA-2024:2042","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2080","reference_id":"RHSA-2024:2080","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2616","reference_id":"RHSA-2024:2616","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3258","reference_id":"RHSA-2024:3258","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3261","reference_id":"RHSA-2024:3261","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3343","reference_id":"RHSA-2024:3343","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9093","reference_id":"RHSA-2024:9093","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9122","reference_id":"RHSA-2024:9122","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-05T18:36:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6721-1/","reference_id":"USN-6721-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6721-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-31083"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4ngr-6ccu-r7fv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59271?format=json","vulnerability_id":"VCID-515f-a8yj-4fej","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26600.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26600.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26600","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26600"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26600"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345252","reference_id":"2345252","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345252"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26600","reference_id":"CVE-2025-26600","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26600"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:16:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26600"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-515f-a8yj-4fej"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49329?format=json","vulnerability_id":"VCID-5awx-j7z7-qyak","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0408.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0408","reference_id":"","reference_type":"","scores":[{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04392","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04147","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04271","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04284","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04304","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04337","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04324","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04349","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04386","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00017","scoring_system":"epss","scoring_elements":"0.04388","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04857","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04831","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00019","scoring_system":"epss","scoring_elements":"0.04874","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06484","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06409","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06496","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06491","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06473","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00024","scoring_system":"epss","scoring_elements":"0.06453","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257689","reference_id":"2257689","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257689"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-0408","reference_id":"CVE-2024-0408","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-0408"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T17:14:07Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-0408"],"risk_score":2.5,"exploitability":"0.5","weighted_severity":"5.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5awx-j7z7-qyak"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59266?format=json","vulnerability_id":"VCID-6hwh-7tvr-sqgn","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26597.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26597.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26597","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26597"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26597"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345255","reference_id":"2345255","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345255"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26597","reference_id":"CVE-2025-26597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26597"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:39:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26597"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hwh-7tvr-sqgn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49328?format=json","vulnerability_id":"VCID-6rcq-qxef-nuf7","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0229.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0229","reference_id":"","reference_type":"","scores":[{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52815","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52842","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.5281","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52821","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52783","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52728","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52779","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52822","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00295","scoring_system":"epss","scoring_elements":"0.52789","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55137","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55158","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55161","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55119","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55096","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.5512","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00321","scoring_system":"epss","scoring_elements":"0.55095","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256690","reference_id":"2256690","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256690"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-0229","reference_id":"CVE-2024-0229","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-0229"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-02-12T16:50:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-0229"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6rcq-qxef-nuf7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59269?format=json","vulnerability_id":"VCID-7nax-5yw9-eye8","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26599.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26599","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26599"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345253","reference_id":"2345253","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345253"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26599","reference_id":"CVE-2025-26599","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26599"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:22:35Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26599"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7nax-5yw9-eye8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41832?format=json","vulnerability_id":"VCID-9cjy-6fj5-r7ag","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31081.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31081.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31081","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30911","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3097","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30975","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30888","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31488","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31517","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31456","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31255","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3105","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30901","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271998","reference_id":"2271998","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271998"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-31081","reference_id":"CVE-2024-31081","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-31081"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1785","reference_id":"RHSA-2024:1785","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2036","reference_id":"RHSA-2024:2036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2037","reference_id":"RHSA-2024:2037","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2038","reference_id":"RHSA-2024:2038","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2039","reference_id":"RHSA-2024:2039","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2040","reference_id":"RHSA-2024:2040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2041","reference_id":"RHSA-2024:2041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2042","reference_id":"RHSA-2024:2042","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2080","reference_id":"RHSA-2024:2080","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2616","reference_id":"RHSA-2024:2616","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3258","reference_id":"RHSA-2024:3258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3261","reference_id":"RHSA-2024:3261","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3343","reference_id":"RHSA-2024:3343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9093","reference_id":"RHSA-2024:9093","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9122","reference_id":"RHSA-2024:9122","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-04T16:37:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6721-1/","reference_id":"USN-6721-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6721-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-31081"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9cjy-6fj5-r7ag"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66662?format=json","vulnerability_id":"VCID-e9px-edn1-tufs","summary":"xorg: xmayland: Use-after-free in XPresentNotify structure creation","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62229.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62229.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62229","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01112","published_at":"2026-04-04T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01109","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01118","published_at":"2026-04-07T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01124","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01589","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02785","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02703","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02758","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0273","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02746","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02784","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02664","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.0264","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02626","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02624","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02607","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02615","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02716","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62229"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html","reference_id":"003635.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402649","reference_id":"2402649","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402649"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62229","reference_id":"CVE-2025-62229","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62229"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19432","reference_id":"RHSA-2025:19432","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19433","reference_id":"RHSA-2025:19433","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19434","reference_id":"RHSA-2025:19434","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19435","reference_id":"RHSA-2025:19435","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19489","reference_id":"RHSA-2025:19489","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19623","reference_id":"RHSA-2025:19623","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19909","reference_id":"RHSA-2025:19909","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20958","reference_id":"RHSA-2025:20958","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20960","reference_id":"RHSA-2025:20960","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20961","reference_id":"RHSA-2025:20961","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21035","reference_id":"RHSA-2025:21035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22040","reference_id":"RHSA-2025:22040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22041","reference_id":"RHSA-2025:22041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22051","reference_id":"RHSA-2025:22051","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22055","reference_id":"RHSA-2025:22055","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22056","reference_id":"RHSA-2025:22056","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22077","reference_id":"RHSA-2025:22077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22096","reference_id":"RHSA-2025:22096","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22164","reference_id":"RHSA-2025:22164","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22167","reference_id":"RHSA-2025:22167","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22364","reference_id":"RHSA-2025:22364","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22365","reference_id":"RHSA-2025:22365","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22426","reference_id":"RHSA-2025:22426","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22427","reference_id":"RHSA-2025:22427","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22667","reference_id":"RHSA-2025:22667","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22729","reference_id":"RHSA-2025:22729","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22742","reference_id":"RHSA-2025:22742","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22753","reference_id":"RHSA-2025:22753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0031","reference_id":"RHSA-2026:0031","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0033","reference_id":"RHSA-2026:0033","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0034","reference_id":"RHSA-2026:0034","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0035","reference_id":"RHSA-2026:0035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0036","reference_id":"RHSA-2026:0036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0036"},{"reference_url":"https://usn.ubuntu.com/7846-1/","reference_id":"USN-7846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-62229"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e9px-edn1-tufs"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49330?format=json","vulnerability_id":"VCID-fgnr-h7rm-83d4","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-0409.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0409","reference_id":"","reference_type":"","scores":[{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03193","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03005","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03125","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03124","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03114","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03158","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03117","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03143","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03179","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03187","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04829","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04757","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04875","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04852","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04809","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0478","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04803","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.0482","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00018","scoring_system":"epss","scoring_elements":"0.04858","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257690","reference_id":"2257690","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257690"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-0409","reference_id":"CVE-2024-0409","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-0409"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T16:47:29Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-0409"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-fgnr-h7rm-83d4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59273?format=json","vulnerability_id":"VCID-hkrr-v71f-xqdb","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26601.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26601.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26601","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10223","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26601"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26601"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345251","reference_id":"2345251","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345251"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26601","reference_id":"CVE-2025-26601","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26601"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T16:08:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26601"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hkrr-v71f-xqdb"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267379?format=json","vulnerability_id":"VCID-hxab-xyu1-xkgc","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34000.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34000.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34000","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01843","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00026","scoring_system":"epss","scoring_elements":"0.07403","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0828","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0831","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34000"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34000","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34000"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451107","reference_id":"2451107","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T18:51:27Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451107"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34000","reference_id":"CVE-2026-34000","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-05-05T18:51:27Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34000"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2026-34000"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hxab-xyu1-xkgc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49332?format=json","vulnerability_id":"VCID-j6qd-r6ua-cfbm","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21886.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21886","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.469","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46969","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46906","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46925","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46868","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49319","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49296","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4925","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21886"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256542","reference_id":"2256542","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256542"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-21886","reference_id":"CVE-2024-21886","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-21886"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-04-23T21:47:31Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-21886"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-j6qd-r6ua-cfbm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41830?format=json","vulnerability_id":"VCID-juet-bb4m-hkhq","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9632.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-9632.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9632","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17693","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17597","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17696","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17657","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17991","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18045","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17745","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17833","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17895","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1791","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17866","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17817","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17759","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17769","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17807","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17716","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17692","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17648","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17505","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-9632"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9632"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244","reference_id":"1086244","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086244"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086245","reference_id":"1086245","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1086245"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317233","reference_id":"2317233","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2317233"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-9632","reference_id":"CVE-2024-9632","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-9632"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:10090","reference_id":"RHSA-2024:10090","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:10090"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:8798","reference_id":"RHSA-2024:8798","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:8798"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9540","reference_id":"RHSA-2024:9540","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9540"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9579","reference_id":"RHSA-2024:9579","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9579"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9601","reference_id":"RHSA-2024:9601","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9601"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9690","reference_id":"RHSA-2024:9690","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9690"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9816","reference_id":"RHSA-2024:9816","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9816"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9818","reference_id":"RHSA-2024:9818","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9818"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9819","reference_id":"RHSA-2024:9819","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9819"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9820","reference_id":"RHSA-2024:9820","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9820"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9901","reference_id":"RHSA-2024:9901","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9901"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-30T13:34:32Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7085-1/","reference_id":"USN-7085-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7085-1/"},{"reference_url":"https://usn.ubuntu.com/7085-2/","reference_id":"USN-7085-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7085-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-9632"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-juet-bb4m-hkhq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69418?format=json","vulnerability_id":"VCID-may9-9sdj-cbbd","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Data Leak in XFIXES Extension's XFixesSetClientDisconnectMode","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49177.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49177.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49177","reference_id":"","reference_type":"","scores":[{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09389","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09325","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09301","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09377","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09424","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09438","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00032","scoring_system":"epss","scoring_elements":"0.09409","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24886","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24843","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2472","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24796","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24858","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24784","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24803","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24983","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24995","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24987","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2496","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24897","published_at":"2026-04-24T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49177"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369955","reference_id":"2369955","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369955"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96b1c701c3bb47617d965522c34befa6af","reference_id":"ab02fb96b1c701c3bb47617d965522c34befa6af","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/ab02fb96b1c701c3bb47617d965522c34befa6af"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49177","reference_id":"CVE-2025-49177","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49177"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:57:08Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-49177"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-may9-9sdj-cbbd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/41831?format=json","vulnerability_id":"VCID-p1tf-2c6u-tygr","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31080.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-31080.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31080","reference_id":"","reference_type":"","scores":[{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30911","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3097","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30975","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30888","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31572","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31616","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31436","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31488","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31517","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31522","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3148","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31443","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31477","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31456","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31424","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.31255","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3113","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.3105","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00123","scoring_system":"epss","scoring_elements":"0.30901","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31080"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31081"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31083"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271997","reference_id":"2271997","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2271997"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-31080","reference_id":"CVE-2024-31080","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-31080"},{"reference_url":"https://security.gentoo.org/glsa/202411-08","reference_id":"GLSA-202411-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202411-08"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:1785","reference_id":"RHSA-2024:1785","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:1785"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2036","reference_id":"RHSA-2024:2036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2036"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2037","reference_id":"RHSA-2024:2037","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2037"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2038","reference_id":"RHSA-2024:2038","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2038"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2039","reference_id":"RHSA-2024:2039","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2039"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2040","reference_id":"RHSA-2024:2040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2041","reference_id":"RHSA-2024:2041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2042","reference_id":"RHSA-2024:2042","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2042"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2080","reference_id":"RHSA-2024:2080","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2080"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2616","reference_id":"RHSA-2024:2616","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2616"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3258","reference_id":"RHSA-2024:3258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3261","reference_id":"RHSA-2024:3261","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3261"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:3343","reference_id":"RHSA-2024:3343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:3343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9093","reference_id":"RHSA-2024:9093","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9093"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:9122","reference_id":"RHSA-2024:9122","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:9122"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-08-07T15:41:05Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6721-1/","reference_id":"USN-6721-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6721-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-31080"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-p1tf-2c6u-tygr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267382?format=json","vulnerability_id":"VCID-pa9n-ntq3-jqaz","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34003.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34003.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34003","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01685","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01752","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01747","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01962","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01698","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0169","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01697","published_at":"2026-05-09T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34003"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34003"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451113","reference_id":"2451113","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451113"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34003","reference_id":"CVE-2026-34003","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34003"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10739","reference_id":"RHSA-2026:10739","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11352","reference_id":"RHSA-2026:11352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11369","reference_id":"RHSA-2026:11369","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11388","reference_id":"RHSA-2026:11388","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11656","reference_id":"RHSA-2026:11656","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11692","reference_id":"RHSA-2026:11692","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13414","reference_id":"RHSA-2026:13414","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T17:20:40Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:13414"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2026-34003"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pa9n-ntq3-jqaz"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49327?format=json","vulnerability_id":"VCID-phkz-t2yr-m7em","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json","reference_id":"","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6816.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6816","reference_id":"","reference_type":"","scores":[{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86664","published_at":"2026-05-05T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86682","published_at":"2026-05-07T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86616","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86698","published_at":"2026-05-09T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86704","published_at":"2026-05-12T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86693","published_at":"2026-05-11T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86634","published_at":"2026-04-24T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86643","published_at":"2026-04-26T12:55:00Z"},{"value":"0.03015","scoring_system":"epss","scoring_elements":"0.86642","published_at":"2026-04-29T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87143","published_at":"2026-04-09T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87122","published_at":"2026-04-04T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87115","published_at":"2026-04-07T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87136","published_at":"2026-04-08T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87105","published_at":"2026-04-02T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87156","published_at":"2026-04-11T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87151","published_at":"2026-04-12T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87146","published_at":"2026-04-13T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87163","published_at":"2026-04-16T12:55:00Z"},{"value":"0.03264","scoring_system":"epss","scoring_elements":"0.87167","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257691","reference_id":"2257691","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2257691"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2023-6816","reference_id":"CVE-2023-6816","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2023-6816"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"9.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-01-18T14:05:47Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2023-6816"],"risk_score":4.4,"exploitability":"0.5","weighted_severity":"8.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-phkz-t2yr-m7em"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/59262?format=json","vulnerability_id":"VCID-qwqu-19wq-1ke8","summary":"A vulnerability has been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26594.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-26594.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26594","reference_id":"","reference_type":"","scores":[{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05733","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05775","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05767","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05761","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05724","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05731","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05771","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00021","scoring_system":"epss","scoring_elements":"0.05797","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.0809","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08123","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08293","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00029","scoring_system":"epss","scoring_elements":"0.08223","published_at":"2026-05-07T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08486","published_at":"2026-04-24T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08492","published_at":"2026-04-21T12:55:00Z"},{"value":"0.0003","scoring_system":"epss","scoring_elements":"0.08449","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.10239","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00034","scoring_system":"epss","scoring_elements":"0.102","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18485","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00058","scoring_system":"epss","scoring_elements":"0.18539","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-26594"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-26594"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906","reference_id":"1098906","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098906"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907","reference_id":"1098907","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1098907"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345248","reference_id":"2345248","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2345248"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-26594","reference_id":"CVE-2025-26594","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-26594"},{"reference_url":"https://security.gentoo.org/glsa/202506-04","reference_id":"GLSA-202506-04","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202506-04"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2500","reference_id":"RHSA-2025:2500","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2500"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2502","reference_id":"RHSA-2025:2502","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2502"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2861","reference_id":"RHSA-2025:2861","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2861"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2862","reference_id":"RHSA-2025:2862","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2862"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2865","reference_id":"RHSA-2025:2865","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2865"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2866","reference_id":"RHSA-2025:2866","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2866"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2873","reference_id":"RHSA-2025:2873","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2873"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2874","reference_id":"RHSA-2025:2874","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2874"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2875","reference_id":"RHSA-2025:2875","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2875"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2879","reference_id":"RHSA-2025:2879","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2879"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:2880","reference_id":"RHSA-2025:2880","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:2880"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:3976","reference_id":"RHSA-2025:3976","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:3976"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7163","reference_id":"RHSA-2025:7163","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7163"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7165","reference_id":"RHSA-2025:7165","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7165"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:7458","reference_id":"RHSA-2025:7458","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T20:13:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:7458"},{"reference_url":"https://usn.ubuntu.com/7299-1/","reference_id":"USN-7299-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-1/"},{"reference_url":"https://usn.ubuntu.com/7299-2/","reference_id":"USN-7299-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-2/"},{"reference_url":"https://usn.ubuntu.com/7299-4/","reference_id":"USN-7299-4","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7299-4/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2025-26594"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwqu-19wq-1ke8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69420?format=json","vulnerability_id":"VCID-s7xs-zcxk-nyc7","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49179.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49179.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49179","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18079","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17986","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.1778","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17868","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17928","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17944","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17899","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35787","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.357","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35586","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35657","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.35677","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36051","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3582","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36079","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.3612","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00154","scoring_system":"epss","scoring_elements":"0.36105","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.3972","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00184","scoring_system":"epss","scoring_elements":"0.39744","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49179"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49179"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369978","reference_id":"2369978","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369978"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4","reference_id":"2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/2bde9ca49a8fd9a1e6697d5e7ef837870d66f5d4"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49179","reference_id":"CVE-2025-49179","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49179"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T15:03:25Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-49179"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-s7xs-zcxk-nyc7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69416?format=json","vulnerability_id":"VCID-sfgy-e6d6-f3fd","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49175.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49175.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49175","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.39118","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38891","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38909","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38812","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38687","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.3876","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00177","scoring_system":"epss","scoring_elements":"0.38774","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43468","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00212","scoring_system":"epss","scoring_elements":"0.43498","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44852","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44898","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49175"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49175"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee","reference_id":"0885e0b26225c90534642fe911632ec0779eebee","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024","reference_id":"2024","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369947","reference_id":"2369947","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369947"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49175","reference_id":"CVE-2025-49175","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49175"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:53:24Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-49175"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sfgy-e6d6-f3fd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66663?format=json","vulnerability_id":"VCID-sx54-5s5r-ckg2","summary":"xorg: xwayland: Use-after-free in Xkb client resource removal","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62230.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62230.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62230","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01952","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01913","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01983","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01962","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01954","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01979","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0197","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01955","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01939","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00898","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0089","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00892","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00895","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62230"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62230"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html","reference_id":"003635.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402653","reference_id":"2402653","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402653"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62230","reference_id":"CVE-2025-62230","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62230"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19432","reference_id":"RHSA-2025:19432","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19433","reference_id":"RHSA-2025:19433","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19434","reference_id":"RHSA-2025:19434","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19435","reference_id":"RHSA-2025:19435","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19489","reference_id":"RHSA-2025:19489","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19623","reference_id":"RHSA-2025:19623","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19909","reference_id":"RHSA-2025:19909","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20958","reference_id":"RHSA-2025:20958","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20960","reference_id":"RHSA-2025:20960","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20961","reference_id":"RHSA-2025:20961","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21035","reference_id":"RHSA-2025:21035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22040","reference_id":"RHSA-2025:22040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22041","reference_id":"RHSA-2025:22041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22051","reference_id":"RHSA-2025:22051","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22055","reference_id":"RHSA-2025:22055","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22056","reference_id":"RHSA-2025:22056","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22077","reference_id":"RHSA-2025:22077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22096","reference_id":"RHSA-2025:22096","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22164","reference_id":"RHSA-2025:22164","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22167","reference_id":"RHSA-2025:22167","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22364","reference_id":"RHSA-2025:22364","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22365","reference_id":"RHSA-2025:22365","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22426","reference_id":"RHSA-2025:22426","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22427","reference_id":"RHSA-2025:22427","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22667","reference_id":"RHSA-2025:22667","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22729","reference_id":"RHSA-2025:22729","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22742","reference_id":"RHSA-2025:22742","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22753","reference_id":"RHSA-2025:22753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0031","reference_id":"RHSA-2026:0031","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0033","reference_id":"RHSA-2026:0033","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0034","reference_id":"RHSA-2026:0034","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0035","reference_id":"RHSA-2026:0035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0036","reference_id":"RHSA-2026:0036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0036"},{"reference_url":"https://usn.ubuntu.com/7846-1/","reference_id":"USN-7846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-62230"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-sx54-5s5r-ckg2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66664?format=json","vulnerability_id":"VCID-t1cy-srre-nkbp","summary":"xorg: xmayland: Value overflow in XkbSetCompatMap()","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62231.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-62231.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62231","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01226","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01952","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01933","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01914","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01913","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01983","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01982","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.02011","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01962","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01954","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01979","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.0197","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01955","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00013","scoring_system":"epss","scoring_elements":"0.01939","published_at":"2026-04-12T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00898","published_at":"2026-04-08T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.0089","published_at":"2026-04-02T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00892","published_at":"2026-04-04T12:55:00Z"},{"value":"9e-05","scoring_system":"epss","scoring_elements":"0.00895","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-62231"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-62231"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html","reference_id":"003635.html","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://lists.x.org/archives/xorg-announce/2025-October/003635.html"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402660","reference_id":"2402660","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2402660"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-62231","reference_id":"CVE-2025-62231","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-62231"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19432","reference_id":"RHSA-2025:19432","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19432"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19433","reference_id":"RHSA-2025:19433","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19434","reference_id":"RHSA-2025:19434","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19434"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19435","reference_id":"RHSA-2025:19435","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19435"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19489","reference_id":"RHSA-2025:19489","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19489"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19623","reference_id":"RHSA-2025:19623","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19623"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:19909","reference_id":"RHSA-2025:19909","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:19909"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20958","reference_id":"RHSA-2025:20958","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20958"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20960","reference_id":"RHSA-2025:20960","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20960"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:20961","reference_id":"RHSA-2025:20961","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:20961"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:21035","reference_id":"RHSA-2025:21035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:21035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22040","reference_id":"RHSA-2025:22040","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22040"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22041","reference_id":"RHSA-2025:22041","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22041"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22051","reference_id":"RHSA-2025:22051","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22051"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22055","reference_id":"RHSA-2025:22055","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22055"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22056","reference_id":"RHSA-2025:22056","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22056"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22077","reference_id":"RHSA-2025:22077","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22077"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22096","reference_id":"RHSA-2025:22096","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22096"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22164","reference_id":"RHSA-2025:22164","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22164"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22167","reference_id":"RHSA-2025:22167","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22167"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22364","reference_id":"RHSA-2025:22364","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22364"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22365","reference_id":"RHSA-2025:22365","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22365"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22426","reference_id":"RHSA-2025:22426","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22426"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22427","reference_id":"RHSA-2025:22427","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22427"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22667","reference_id":"RHSA-2025:22667","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22667"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22729","reference_id":"RHSA-2025:22729","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22729"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22742","reference_id":"RHSA-2025:22742","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22742"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:22753","reference_id":"RHSA-2025:22753","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:22753"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0031","reference_id":"RHSA-2026:0031","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0031"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0033","reference_id":"RHSA-2026:0033","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0034","reference_id":"RHSA-2026:0034","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0034"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0035","reference_id":"RHSA-2026:0035","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0035"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:0036","reference_id":"RHSA-2026:0036","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-31T03:55:34Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:0036"},{"reference_url":"https://usn.ubuntu.com/7846-1/","reference_id":"USN-7846-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7846-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-62231"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-t1cy-srre-nkbp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49325?format=json","vulnerability_id":"VCID-trsp-u7xt-a3ck","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6377.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6377.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6377","reference_id":"","reference_type":"","scores":[{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59446","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59416","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59354","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59402","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.5946","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00379","scoring_system":"epss","scoring_elements":"0.59419","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60023","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60018","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00389","scoring_system":"epss","scoring_elements":"0.60036","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61461","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61465","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61434","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61441","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61422","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61455","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61374","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61402","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61372","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00411","scoring_system":"epss","scoring_elements":"0.61418","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253291","reference_id":"2253291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253291"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7886","reference_id":"RHSA-2023:7886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0006","reference_id":"RHSA-2024:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0009","reference_id":"RHSA-2024:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0014","reference_id":"RHSA-2024:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0015","reference_id":"RHSA-2024:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0016","reference_id":"RHSA-2024:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0017","reference_id":"RHSA-2024:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0018","reference_id":"RHSA-2024:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0020","reference_id":"RHSA-2024:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:13998","reference_id":"RHSA-2025:13998","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:13998"},{"reference_url":"https://usn.ubuntu.com/6555-1/","reference_id":"USN-6555-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-1/"},{"reference_url":"https://usn.ubuntu.com/6555-2/","reference_id":"USN-6555-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2023-6377"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-trsp-u7xt-a3ck"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49323?format=json","vulnerability_id":"VCID-un9v-4svv-2baj","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-5367.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5367","reference_id":"","reference_type":"","scores":[{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20089","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20146","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19876","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19955","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20009","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.20029","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19985","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19927","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19905","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19909","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19906","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19799","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19794","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19764","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19674","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.1975","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19835","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19796","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00064","scoring_system":"epss","scoring_elements":"0.19824","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5367"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5380"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243091","reference_id":"2243091","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2243091"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6802","reference_id":"RHSA-2023:6802","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6802"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:6808","reference_id":"RHSA-2023:6808","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:6808"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7373","reference_id":"RHSA-2023:7373","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7373"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7388","reference_id":"RHSA-2023:7388","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7405","reference_id":"RHSA-2023:7405","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7405"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7428","reference_id":"RHSA-2023:7428","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7428"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7436","reference_id":"RHSA-2023:7436","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7436"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7526","reference_id":"RHSA-2023:7526","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7526"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7533","reference_id":"RHSA-2023:7533","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7533"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0128","reference_id":"RHSA-2024:0128","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0128"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6453-1/","reference_id":"USN-6453-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-1/"},{"reference_url":"https://usn.ubuntu.com/6453-2/","reference_id":"USN-6453-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6453-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2023-5367"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-un9v-4svv-2baj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49331?format=json","vulnerability_id":"VCID-v9p1-8sb6-9ufr","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-21885.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21885","reference_id":"","reference_type":"","scores":[{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.469","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46983","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46969","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.4698","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46931","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46844","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46906","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46925","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00239","scoring_system":"epss","scoring_elements":"0.46868","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49319","published_at":"2026-04-11T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49344","published_at":"2026-04-16T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4934","published_at":"2026-04-18T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49304","published_at":"2026-04-08T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49301","published_at":"2026-04-09T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49293","published_at":"2026-04-12T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49268","published_at":"2026-04-02T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.49296","published_at":"2026-04-13T12:55:00Z"},{"value":"0.0026","scoring_system":"epss","scoring_elements":"0.4925","published_at":"2026-04-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6816"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0229"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0408"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-0409"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21885"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-21886"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.4","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256540","reference_id":"2256540","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2256540"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client","reference_id":"cpe:/o:redhat:enterprise_linux:7::client","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::client"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode","reference_id":"cpe:/o:redhat:enterprise_linux:7::computenode","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::computenode"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server","reference_id":"cpe:/o:redhat:enterprise_linux:7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation","reference_id":"cpe:/o:redhat:enterprise_linux:7::workstation","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::workstation"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2024-21885","reference_id":"CVE-2024-21885","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2024-21885"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0320","reference_id":"RHSA-2024:0320","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0320"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0557","reference_id":"RHSA-2024:0557","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0557"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0558","reference_id":"RHSA-2024:0558","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0558"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0597","reference_id":"RHSA-2024:0597","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0597"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0607","reference_id":"RHSA-2024:0607","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0607"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0614","reference_id":"RHSA-2024:0614","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0614"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0617","reference_id":"RHSA-2024:0617","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0617"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0621","reference_id":"RHSA-2024:0621","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0621"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0626","reference_id":"RHSA-2024:0626","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0626"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0629","reference_id":"RHSA-2024:0629","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:0629"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-26T16:17:45Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6587-1/","reference_id":"USN-6587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-1/"},{"reference_url":"https://usn.ubuntu.com/6587-2/","reference_id":"USN-6587-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2024-21885"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-v9p1-8sb6-9ufr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/69417?format=json","vulnerability_id":"VCID-wyuw-13t9-rbg1","summary":"xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49176.json","reference_id":"","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-49176.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49176","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24316","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24253","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24102","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24169","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24214","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.2423","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24188","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44898","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44752","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44745","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44675","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44561","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44631","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44646","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44904","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44832","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00222","scoring_system":"epss","scoring_elements":"0.44852","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50077","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00267","scoring_system":"epss","scoring_elements":"0.50106","published_at":"2026-05-12T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-49176"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-49176"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9","reference_id":"03731b326a80b582e48d939fe62cb1e2b10400d9","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/03731b326a80b582e48d939fe62cb1e2b10400d9"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108073","reference_id":"1108073","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108073"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369","reference_id":"1108369","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108369"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369954","reference_id":"2369954","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2369954"},{"reference_url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1","reference_id":"4fc4d76b2c7aaed61ed2653f997783a3714c4fe1","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://gitlab.freedesktop.org/xorg/xserver/-/commit/4fc4d76b2c7aaed61ed2653f997783a3714c4fe1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_aus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_aus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.0::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.0::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_id":"cpe:/a:redhat:rhel_e4s:9.2::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_e4s:9.2::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus:9.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb","reference_id":"cpe:/a:redhat:rhel_eus:9.4::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus:9.4::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.4::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_eus_long_life:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.6::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.6::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream","reference_id":"cpe:/a:redhat:rhel_tus:8.8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:rhel_tus:8.8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0","reference_id":"cpe:/o:redhat:enterprise_linux:10.0","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.0"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server","reference_id":"cpe:/o:redhat:rhel_aus:7.7::server","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_aus:7.7::server"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6","reference_id":"cpe:/o:redhat:rhel_els:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7","reference_id":"cpe:/o:redhat:rhel_els:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:rhel_els:7"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2025-49176","reference_id":"CVE-2025-49176","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2025-49176"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10258","reference_id":"RHSA-2025:10258","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10258"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10342","reference_id":"RHSA-2025:10342","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10342"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10343","reference_id":"RHSA-2025:10343","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10343"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10344","reference_id":"RHSA-2025:10344","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10344"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10346","reference_id":"RHSA-2025:10346","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10346"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10347","reference_id":"RHSA-2025:10347","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10347"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10348","reference_id":"RHSA-2025:10348","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10348"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10349","reference_id":"RHSA-2025:10349","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10350","reference_id":"RHSA-2025:10350","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10350"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10351","reference_id":"RHSA-2025:10351","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10352","reference_id":"RHSA-2025:10352","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10355","reference_id":"RHSA-2025:10355","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10355"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10356","reference_id":"RHSA-2025:10356","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10356"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10360","reference_id":"RHSA-2025:10360","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10360"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10370","reference_id":"RHSA-2025:10370","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10370"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10374","reference_id":"RHSA-2025:10374","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10374"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10375","reference_id":"RHSA-2025:10375","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10375"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10376","reference_id":"RHSA-2025:10376","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10376"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10377","reference_id":"RHSA-2025:10377","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10377"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10378","reference_id":"RHSA-2025:10378","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10378"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10381","reference_id":"RHSA-2025:10381","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10381"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:10410","reference_id":"RHSA-2025:10410","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:10410"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9303","reference_id":"RHSA-2025:9303","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9303"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9304","reference_id":"RHSA-2025:9304","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9304"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9305","reference_id":"RHSA-2025:9305","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9305"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9306","reference_id":"RHSA-2025:9306","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9306"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9392","reference_id":"RHSA-2025:9392","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9392"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:9964","reference_id":"RHSA-2025:9964","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2025:9964"},{"reference_url":"https://www.x.org/wiki/Development/Security/","reference_id":"Security","reference_type":"","scores":[{"value":"7.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-06-17T14:58:49Z/"}],"url":"https://www.x.org/wiki/Development/Security/"},{"reference_url":"https://usn.ubuntu.com/7573-1/","reference_id":"USN-7573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-1/"},{"reference_url":"https://usn.ubuntu.com/7573-2/","reference_id":"USN-7573-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7573-2/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994958?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.9-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.9-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2025-49176"],"risk_score":3.3,"exploitability":"0.5","weighted_severity":"6.6","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wyuw-13t9-rbg1"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267378?format=json","vulnerability_id":"VCID-wzer-jnm3-rqa8","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33999.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-33999.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33999","reference_id":"","reference_type":"","scores":[{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01554","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01781","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01776","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01819","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01571","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01565","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.0156","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00012","scoring_system":"epss","scoring_elements":"0.01558","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-33999"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-33999"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451106","reference_id":"2451106","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451106"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-33999","reference_id":"CVE-2026-33999","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-33999"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10739","reference_id":"RHSA-2026:10739","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11352","reference_id":"RHSA-2026:11352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11369","reference_id":"RHSA-2026:11369","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11388","reference_id":"RHSA-2026:11388","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11656","reference_id":"RHSA-2026:11656","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11692","reference_id":"RHSA-2026:11692","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13414","reference_id":"RHSA-2026:13414","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-24T03:55:33Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:13414"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2026-33999"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzer-jnm3-rqa8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267380?format=json","vulnerability_id":"VCID-x3dk-fny6-fqa5","summary":"","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34001.json","reference_id":"","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-34001.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34001","reference_id":"","reference_type":"","scores":[{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02701","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02741","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02727","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02643","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02661","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.02699","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00014","scoring_system":"epss","scoring_elements":"0.027","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00015","scoring_system":"epss","scoring_elements":"0.03012","published_at":"2026-04-29T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-34001"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-34001"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451109","reference_id":"2451109","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2451109"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:8::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb","reference_id":"cpe:/a:redhat:enterprise_linux:8::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:8::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream","reference_id":"cpe:/a:redhat:enterprise_linux:9::appstream","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb","reference_id":"cpe:/a:redhat:enterprise_linux:9::crb","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::crb"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10","reference_id":"cpe:/o:redhat:enterprise_linux:10","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1","reference_id":"cpe:/o:redhat:enterprise_linux:10.1","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10.1"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6","reference_id":"cpe:/o:redhat:enterprise_linux:6","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:6"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7","reference_id":"cpe:/o:redhat:enterprise_linux:7","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8","reference_id":"cpe:/o:redhat:enterprise_linux:8","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9","reference_id":"cpe:/o:redhat:enterprise_linux:9","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9"},{"reference_url":"https://access.redhat.com/security/cve/CVE-2026-34001","reference_id":"CVE-2026-34001","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/security/cve/CVE-2026-34001"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:10739","reference_id":"RHSA-2026:10739","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:10739"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11352","reference_id":"RHSA-2026:11352","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11369","reference_id":"RHSA-2026:11369","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11369"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11388","reference_id":"RHSA-2026:11388","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11388"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11656","reference_id":"RHSA-2026:11656","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11656"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:11692","reference_id":"RHSA-2026:11692","reference_type":"","scores":[{"value":"7.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2026-04-23T16:19:24Z/"}],"url":"https://access.redhat.com/errata/RHSA-2026:11692"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:13414","reference_id":"RHSA-2026:13414","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:13414"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/1068093?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.10-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.10-1"},{"url":"http://public2.vulnerablecode.io/api/packages/1089425?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.11-1","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.11-1"}],"aliases":["CVE-2026-34001"],"risk_score":3.5,"exploitability":"0.5","weighted_severity":"7.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3dk-fny6-fqa5"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/49326?format=json","vulnerability_id":"VCID-x3p6-a59z-ebf3","summary":"Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6478.json","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-6478.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6478","reference_id":"","reference_type":"","scores":[{"value":"0.00958","scoring_system":"epss","scoring_elements":"0.76482","published_at":"2026-04-21T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78312","published_at":"2026-05-12T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78257","published_at":"2026-05-05T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78283","published_at":"2026-05-07T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.783","published_at":"2026-05-09T12:55:00Z"},{"value":"0.01113","scoring_system":"epss","scoring_elements":"0.78295","published_at":"2026-05-11T12:55:00Z"},{"value":"0.01143","scoring_system":"epss","scoring_elements":"0.78499","published_at":"2026-04-24T12:55:00Z"},{"value":"0.01143","scoring_system":"epss","scoring_elements":"0.78506","published_at":"2026-04-26T12:55:00Z"},{"value":"0.01143","scoring_system":"epss","scoring_elements":"0.78521","published_at":"2026-04-29T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78999","published_at":"2026-04-16T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.7893","published_at":"2026-04-02T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78972","published_at":"2026-04-09T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78981","published_at":"2026-04-12T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78971","published_at":"2026-04-13T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78996","published_at":"2026-04-18T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78958","published_at":"2026-04-04T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78941","published_at":"2026-04-07T12:55:00Z"},{"value":"0.01208","scoring_system":"epss","scoring_elements":"0.78966","published_at":"2026-04-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-6478"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6377"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-6478"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253298","reference_id":"2253298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2253298"},{"reference_url":"https://security.gentoo.org/glsa/202401-30","reference_id":"GLSA-202401-30","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202401-30"},{"reference_url":"https://access.redhat.com/errata/RHSA-2023:7886","reference_id":"RHSA-2023:7886","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2023:7886"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0006","reference_id":"RHSA-2024:0006","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0006"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0009","reference_id":"RHSA-2024:0009","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0009"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0010","reference_id":"RHSA-2024:0010","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0010"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0014","reference_id":"RHSA-2024:0014","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0014"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0015","reference_id":"RHSA-2024:0015","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0015"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0016","reference_id":"RHSA-2024:0016","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0016"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0017","reference_id":"RHSA-2024:0017","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0017"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0018","reference_id":"RHSA-2024:0018","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0018"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:0020","reference_id":"RHSA-2024:0020","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:0020"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2169","reference_id":"RHSA-2024:2169","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2169"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2170","reference_id":"RHSA-2024:2170","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2170"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2995","reference_id":"RHSA-2024:2995","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2995"},{"reference_url":"https://access.redhat.com/errata/RHSA-2024:2996","reference_id":"RHSA-2024:2996","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2024:2996"},{"reference_url":"https://access.redhat.com/errata/RHSA-2025:12751","reference_id":"RHSA-2025:12751","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2025:12751"},{"reference_url":"https://usn.ubuntu.com/6555-1/","reference_id":"USN-6555-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-1/"},{"reference_url":"https://usn.ubuntu.com/6555-2/","reference_id":"USN-6555-2","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6555-2/"},{"reference_url":"https://usn.ubuntu.com/6587-5/","reference_id":"USN-6587-5","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6587-5/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/994453?format=json","purl":"pkg:deb/debian/xwayland@2:24.1.6-1","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-2cp3-p3yx-17be"},{"vulnerability":"VCID-2vrb-n6cc-c7bc"},{"vulnerability":"VCID-3f4a-m4rt-qqej"},{"vulnerability":"VCID-e9px-edn1-tufs"},{"vulnerability":"VCID-hxab-xyu1-xkgc"},{"vulnerability":"VCID-may9-9sdj-cbbd"},{"vulnerability":"VCID-pa9n-ntq3-jqaz"},{"vulnerability":"VCID-s7xs-zcxk-nyc7"},{"vulnerability":"VCID-sfgy-e6d6-f3fd"},{"vulnerability":"VCID-sx54-5s5r-ckg2"},{"vulnerability":"VCID-t1cy-srre-nkbp"},{"vulnerability":"VCID-wyuw-13t9-rbg1"},{"vulnerability":"VCID-wzer-jnm3-rqa8"},{"vulnerability":"VCID-x3dk-fny6-fqa5"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:24.1.6-1"}],"aliases":["CVE-2023-6478"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x3p6-a59z-ebf3"}],"fixing_vulnerabilities":[],"risk_score":"4.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/xwayland@2:22.1.9-1"}