Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-44yr-b94s-nfd5
Vulnerability ID VCID-44yr-b94s-nfd5
Aliases CVE-2022-46340
Summary Multiple vulnerabilities have been discovered in the Xorg Server and XWayland, the worst of which can result in privilege escalation or remote code execution.
Status Published
Exploitability 0.5
Weighted Severity 7.9
Risk 4.0
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-121 Stack-based Buffer Overflow
System Score Found at
cvssv3 8.8 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
epss 0.0113 https://api.first.org/data/v1/epss?cve=CVE-2022-46340
cvssv3.1 7.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json
https://api.first.org/data/v1/epss?cve=CVE-2022-46340
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4283
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46340
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46341
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46342
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46343
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46344
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1026071 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1026071
2151755 https://bugzilla.redhat.com/show_bug.cgi?id=2151755
GLSA-202305-30 https://security.gentoo.org/glsa/202305-30
RHSA-2023:0045 https://access.redhat.com/errata/RHSA-2023:0045
RHSA-2023:0046 https://access.redhat.com/errata/RHSA-2023:0046
RHSA-2023:2248 https://access.redhat.com/errata/RHSA-2023:2248
RHSA-2023:2249 https://access.redhat.com/errata/RHSA-2023:2249
RHSA-2023:2257 https://access.redhat.com/errata/RHSA-2023:2257
RHSA-2023:2805 https://access.redhat.com/errata/RHSA-2023:2805
RHSA-2023:2806 https://access.redhat.com/errata/RHSA-2023:2806
RHSA-2023:2830 https://access.redhat.com/errata/RHSA-2023:2830
RHSA-2025:12751 https://access.redhat.com/errata/RHSA-2025:12751
USN-5778-1 https://usn.ubuntu.com/5778-1/
USN-5778-2 https://usn.ubuntu.com/5778-2/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-46340.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.78262
EPSS Score 0.0113
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:02:27.022036+00:00 Gentoo Importer Import https://security.gentoo.org/glsa/202305-30 38.0.0