GHSA-pw35-9xmg-v8xw

Опубликовано: 17 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 5.5

Описание

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

Ссылки

EPSS

Процентиль: 4%

0.0002

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2025-49177

Дефекты

CWE-200

Связанные уязвимости

CVE-2025-49177

CVSS3: 6.1

ubuntu

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

CVE-2025-49177

CVSS3: 6.1

redhat

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

CVE-2025-49177

CVSS3: 6.1

nvd

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnectMode handler does not validate the request length, allowing a client to read unintended memory from previous requests.

CVE-2025-49177

CVSS3: 6.1

debian

около 2 месяцев назад

A flaw was found in the XFIXES extension. The XFixesSetClientDisconnec ...

SUSE-SU-2025:01981-1

suse-cvrf

около 2 месяцев назад

Security update for xorg-x11-server

EPSS

Процентиль: 4%

0.0002

Низкий

5.5 Medium

CVSS3

CVE ID

CVE-2025-49177

Дефекты

CWE-200