csaf_redhat - rhsa-2025:9964

rhsa-2025:9964

Vulnerability from csaf_redhat

Published

2025-06-30 13:49

Modified

2025-07-15 01:20

Summary

Red Hat Security Advisory: xorg-x11-server security update

Notes

Topic

An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Details

X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. Security Fix(es): * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179) * xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for xorg-x11-server is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "X.Org is an open-source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon.\n\nSecurity Fix(es):\n\n* xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors (CVE-2025-49175)\n\n* xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension (CVE-2025-49176)\n\n* xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore (CVE-2025-49178)\n\n* xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension (CVE-2025-49179)\n\n* xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension (CVE-2025-49180)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:9964",
        "url": "https://access.redhat.com/errata/RHSA-2025:9964"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#important",
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "category": "external",
        "summary": "2369947",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947"
      },
      {
        "category": "external",
        "summary": "2369954",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954"
      },
      {
        "category": "external",
        "summary": "2369977",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"
      },
      {
        "category": "external",
        "summary": "2369978",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978"
      },
      {
        "category": "external",
        "summary": "2369981",
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_9964.json"
      }
    ],
    "title": "Red Hat Security Advisory: xorg-x11-server security update",
    "tracking": {
      "current_release_date": "2025-07-15T01:20:05+00:00",
      "generator": {
        "date": "2025-07-15T01:20:05+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.6.3"
        }
      },
      "id": "RHSA-2025:9964",
      "initial_release_date": "2025-06-30T13:49:07+00:00",
      "revision_history": [
        {
          "date": "2025-06-30T13:49:07+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-06-30T13:49:07+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2025-07-15T01:20:05+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
                "product": {
                  "name": "Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
                  "product_id": "AppStream-8.2.0.Z.AUS",
                  "product_identification_helper": {
                    "cpe": "cpe:/a:redhat:rhel_aus:8.2::appstream"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-0:1.20.6-4.el8_2.src",
                "product": {
                  "name": "xorg-x11-server-0:1.20.6-4.el8_2.src",
                  "product_id": "xorg-x11-server-0:1.20.6-4.el8_2.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server@1.20.6-4.el8_2?arch=src"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xdmx@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xephyr@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xnest@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xorg@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xvfb@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xwayland@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-common@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-debugsource@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xdmx-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xephyr-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xnest-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xorg-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xvfb-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-Xwayland-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
                "product": {
                  "name": "xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_id": "xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/xorg-x11-server-debuginfo@1.20.6-4.el8_2?arch=x86_64"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-0:1.20.6-4.el8_2.src as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src"
        },
        "product_reference": "xorg-x11-server-0:1.20.6-4.el8_2.src",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64 as a component of Red Hat Enterprise Linux AppStream AUS (v. 8.2)",
          "product_id": "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
        },
        "product_reference": "xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64",
        "relates_to_product_reference": "AppStream-8.2.0.Z.AUS"
      }
    ]
  },
  "vulnerabilities": [
    {
      "acknowledgments": [
        {
          "names": [
            "Nils Emmerich",
            "Julian Suleder"
          ]
        }
      ],
      "cve": "CVE-2025-49175",
      "cwe": {
        "id": "CWE-125",
        "name": "Out-of-bounds Read"
      },
      "discovery_date": "2025-06-03T05:39:18.827000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369947"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the X Rendering extension\u0027s handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an important severity because the flaw exists in the X Rendering extension of the X.Org X server, specifically in the handling of animated cursors, when a client request provides zero cursors, the server erroneously assumes that at least one cursor is present and proceeds to access elements in the non-existent array. This logic error causes an out-of-bounds read, which can lead to a server crash and denial of service, the flaw could expose limited uninitialized memory, potentially resulting in minor information disclosure.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49175"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369947",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49175",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49175"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49175",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49175"
        }
      ],
      "release_date": "2025-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-30T13:49:07+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Out-of-Bounds Read in X Rendering Extension Animated Cursors"
    },
    {
      "acknowledgments": [
        {
          "names": [
            "Nils Emmerich",
            "Julian Suleder"
          ]
        }
      ],
      "cve": "CVE-2025-49176",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2025-06-03T07:10:25.307000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369954"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an important severity because this flaw exists in the Big Requests extension of the X.Org X server, where the length of client requests is multiplied by 4 before validating against the maximum allowed size. This computation can cause an integer overflow when a sufficiently large length value is provided, resulting in a wrapped-around total length that appears valid to the size check logic, leading to out-of-bounds memory access, successful exploitation can cause denial of service by crashing the server and may permit memory corruption, compromising system integrity and availability.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49176"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369954",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49176",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49176"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49176",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49176"
        }
      ],
      "release_date": "2025-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-30T13:49:07+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in Big Requests Extension"
    },
    {
      "cve": "CVE-2025-49178",
      "cwe": {
        "id": "CWE-667",
        "name": "Improper Locking"
      },
      "discovery_date": "2025-06-03T10:00:49.274000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369977"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the X server\u0027s request handling. Non-zero \u0027bytes to ignore\u0027 in a client\u0027s request can cause the server to skip processing another client\u0027s request, potentially leading to a denial of service.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as a moderate severity because the flaw exists in the X server\u2019s request handling logic, where the \u201cbytes to ignore\u201d field in a client request is not properly validated. A malicious client can submit a request specifying a non-zero \u0027bytes to ignore\u0027 value that exceeds the actual request size, causing the server to advance its internal input pointer incorrectly. As a result, the server may skip over pending requests from other clients, disrupting normal processing and effectively denying service to legitimate users. This vulnerability primarily impacts system availability",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49178"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369977",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49178",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49178"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49178",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49178"
        }
      ],
      "release_date": "2025-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-30T13:49:07+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore"
    },
    {
      "cve": "CVE-2025-49179",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2025-06-03T10:11:40.389000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369978"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an important severity because the flaw exists in the X Record extension of the X.Org X server within the RecordSanityCheckRegisterClients function, which fails to validate integer overflows when calculating the length of client registration requests. As a result, the server may read or write beyond intended memory bounds, leading primarily to denial of service by crashing the process, possibility of leaking memory contents or corrupting data.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49179"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369978",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49179",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49179"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49179",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49179"
        }
      ],
      "release_date": "2025-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-30T13:49:07+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer overflow in X Record extension"
    },
    {
      "cve": "CVE-2025-49180",
      "cwe": {
        "id": "CWE-190",
        "name": "Integer Overflow or Wraparound"
      },
      "discovery_date": "2025-06-03T10:14:53.357000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2369981"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This flaw is rated as an important severity because this flaw exists in the RandR extension of the X.Org X server within the RRChangeProviderProperty function, which fails to validate input lengths properly, leads to an integer overflow when calculating the total memory size required for allocation. As a result, subsequent memory operations may write outside the bounds of the allocated buffer, potentially causing memory corruption, application crashes, or arbitrary code execution under certain conditions.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
          "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-49180"
        },
        {
          "category": "external",
          "summary": "RHBZ#2369981",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-49180",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-49180"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-49180",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-49180"
        }
      ],
      "release_date": "2025-06-17T00:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-06-30T13:49:07+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "category": "workaround",
          "details": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
          "product_ids": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-0:1.20.6-4.el8_2.src",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xdmx-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xephyr-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xnest-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xorg-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xvfb-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-Xwayland-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-common-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debuginfo-0:1.20.6-4.el8_2.x86_64",
            "AppStream-8.2.0.Z.AUS:xorg-x11-server-debugsource-0:1.20.6-4.el8_2.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Integer Overflow in X Resize, Rotate and Reflect (RandR) Extension"
    }
  ]
}

CVE-2025-49180 (GCVE-0-2025-49180)

Vulnerability from cvelistv5

Published

2025-06-17 15:00

Modified

2025-07-15 01:05

Severity ?

7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Summary

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49180	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369981	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 < *
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 < * cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 < * cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49180",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:36:37.255035Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:36:48.643Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:05:09.054Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49180"
        },
        {
          "name": "RHBZ#2369981",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:14:53.357000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49180",
    "datePublished": "2025-06-17T15:00:18.145Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:05:09.054Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49176 (GCVE-0-2025-49176)

Vulnerability from cvelistv5

Published

2025-06-17 14:49

Modified

2025-07-15 01:04

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Summary

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49176	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369954	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 < *
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 < * cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 < * cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49176",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:58:49.779795Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:59:07.660Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-06-18T18:03:59.081Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/18/2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:04:39.063Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49176"
        },
        {
          "name": "RHBZ#2369954",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T07:10:25.307000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49176",
    "datePublished": "2025-06-17T14:49:49.143Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:04:39.063Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49175 (GCVE-0-2025-49175)

Vulnerability from cvelistv5

Published

2025-06-17 14:39

Modified

2025-07-15 01:04

Severity ?

6.1 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

CWE

CWE-125 - Out-of-bounds Read

Summary

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49175	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369947	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 < *
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 < * cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 < * cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49175",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:53:24.755088Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:53:37.144Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X Rendering extension\u0027s handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:04:24.183Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49175"
        },
        {
          "name": "RHBZ#2369947",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T05:39:18.827000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49175",
    "datePublished": "2025-06-17T14:39:39.428Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:04:24.183Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49178 (GCVE-0-2025-49178)

Vulnerability from cvelistv5

Published

2025-06-17 14:54

Modified

2025-07-15 01:17

Severity ?

5.5 (Medium) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-667 - Improper Locking

Summary

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49178	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369977	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 < *
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 < * cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 < * cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream cpe:/a:redhat:enterprise_linux:8::crb
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49178",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:05:17.851006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:05:29.353Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream",
            "cpe:/a:redhat:enterprise_linux:8::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X server\u0027s request handling. Non-zero \u0027bytes to ignore\u0027 in a client\u0027s request can cause the server to skip processing another client\u0027s request, potentially leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-667",
              "description": "Improper Locking",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:17:40.427Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49178"
        },
        {
          "name": "RHBZ#2369977",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:00:49.274000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-667: Improper Locking"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49178",
    "datePublished": "2025-06-17T14:54:42.646Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:17:40.427Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-49179 (GCVE-0-2025-49179)

Vulnerability from cvelistv5

Published

2025-06-17 14:54

Modified

2025-07-15 01:04

Severity ?

7.3 (High) - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Summary

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

References

►

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisory, x_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49179	vdb-entry, x_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369978	issue-tracking, x_refsource_REDHAT

Impacted products

Vendor

Product

Version

►

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 < *
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 < * cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 < * cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 < * cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 < * cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 < * cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 < * cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 < * cpe:/a:redhat:rhel_aus:8.4::appstream cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 < * cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 < * cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 < * cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 < * cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 < * cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 < * cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 < * cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 < * cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49179",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:03:25.523317Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:04:08.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.4::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-07-15T01:04:53.638Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49179"
        },
        {
          "name": "RHBZ#2369978",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:11:40.389000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49179",
    "datePublished": "2025-06-17T14:54:49.288Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-07-15T01:04:53.638Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

rhsa-2025:9964

Vulnerability from csaf_redhat

CVE-2025-49180 (GCVE-0-2025-49180)

Vulnerability from cvelistv5

CVE-2025-49176 (GCVE-0-2025-49176)

Vulnerability from cvelistv5

CVE-2025-49175 (GCVE-0-2025-49175)

Vulnerability from cvelistv5

CVE-2025-49178 (GCVE-0-2025-49178)

Vulnerability from cvelistv5

CVE-2025-49179 (GCVE-0-2025-49179)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature