csaf_suse - suse-su-2025:01977-1

SUSE-SU-2025:01977-1

Vulnerability from csaf_suse - Published: 2025-06-17 15:29 - Updated: 2025-06-17 15:29

Summary

Security update for xorg-x11-server

Notes

Title of the patch

Security update for xorg-x11-server

Description of the patch

This update for xorg-x11-server fixes the following issues: - CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) (bsc#1244082). - CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084). - CVE-2025-49178: Unprocessed client request via bytes to ignore (bsc#1244087). - CVE-2025-49179: Integer overflow in X Record extension (bsc#1244089). - CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) (bsc#1244090).

Patchnames

SUSE-2025-1977,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1977,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1977,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1977,SUSE-SLE-Product-WE-15-SP6-2025-1977,SUSE-SLE-Product-WE-15-SP7-2025-1977,SUSE-Storage-7.1-2025-1977

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for xorg-x11-server",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for xorg-x11-server fixes the following issues:\n\n- CVE-2025-49175: Out-of-bounds access in X Rendering extension (Animated cursors) (bsc#1244082).\n- CVE-2025-49176: Integer overflow in Big Requests Extension (bsc#1244084).\n- CVE-2025-49178: Unprocessed client request via bytes to ignore (bsc#1244087).\n- CVE-2025-49179: Integer overflow in X Record extension (bsc#1244089).\n- CVE-2025-49180: Integer overflow in RandR extension (RRChangeProviderProperty) (bsc#1244090).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2025-1977,SUSE-SLE-Product-HPC-15-SP3-LTSS-2025-1977,SUSE-SLE-Product-SLES-15-SP3-LTSS-2025-1977,SUSE-SLE-Product-SLES_SAP-15-SP3-2025-1977,SUSE-SLE-Product-WE-15-SP6-2025-1977,SUSE-SLE-Product-WE-15-SP7-2025-1977,SUSE-Storage-7.1-2025-1977",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2025_01977-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2025:01977-1",
        "url": "https://www.suse.com/support/update/announcement/2025/suse-su-202501977-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2025:01977-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2025-June/040329.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244082",
        "url": "https://bugzilla.suse.com/1244082"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244084",
        "url": "https://bugzilla.suse.com/1244084"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244087",
        "url": "https://bugzilla.suse.com/1244087"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244089",
        "url": "https://bugzilla.suse.com/1244089"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1244090",
        "url": "https://bugzilla.suse.com/1244090"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-49175 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-49175/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-49176 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-49176/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-49178 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-49178/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-49179 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-49179/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-49180 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-49180/"
      }
    ],
    "title": "Security update for xorg-x11-server",
    "tracking": {
      "current_release_date": "2025-06-17T15:29:23Z",
      "generator": {
        "date": "2025-06-17T15:29:23Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2025:01977-1",
      "initial_release_date": "2025-06-17T15:29:23Z",
      "revision_history": [
        {
          "date": "2025-06-17T15:29:23Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
                "product": {
                  "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
                  "product_id": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
                "product": {
                  "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
                  "product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
                "product": {
                  "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
                  "product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.aarch64",
                "product": {
                  "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.aarch64",
                  "product_id": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.aarch64",
                "product": {
                  "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.aarch64",
                  "product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.i586",
                "product": {
                  "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.i586",
                  "product_id": "xorg-x11-server-1.20.3-150200.22.5.105.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.i586",
                "product": {
                  "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.i586",
                  "product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.i586",
                "product": {
                  "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.i586",
                  "product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.i586",
                "product": {
                  "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.i586",
                  "product_id": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.i586",
                "product": {
                  "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.i586",
                  "product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
                "product": {
                  "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
                  "product_id": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
                "product": {
                  "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
                  "product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
                "product": {
                  "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
                  "product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.ppc64le",
                "product": {
                  "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.ppc64le",
                  "product_id": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.ppc64le",
                "product": {
                  "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.ppc64le",
                  "product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
                "product": {
                  "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
                  "product_id": "xorg-x11-server-1.20.3-150200.22.5.105.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
                "product": {
                  "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
                  "product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
                "product": {
                  "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
                  "product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.s390x",
                "product": {
                  "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.s390x",
                  "product_id": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.s390x",
                "product": {
                  "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.s390x",
                  "product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
                "product": {
                  "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
                  "product_id": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
                "product": {
                  "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
                  "product_id": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
                "product": {
                  "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
                  "product_id": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.x86_64",
                "product": {
                  "name": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.x86_64",
                  "product_id": "xorg-x11-server-source-1.20.3-150200.22.5.105.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
                "product": {
                  "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
                  "product_id": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                "product": {
                  "name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles-ltss:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:15:sp3"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP6",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp6"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                "product": {
                  "name": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sle-we:15:sp7"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Enterprise Storage 7.1",
                "product": {
                  "name": "SUSE Enterprise Storage 7.1",
                  "product_id": "SUSE Enterprise Storage 7.1",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:ses:7.1"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
          "product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP6",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP6"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Linux Enterprise Workstation Extension 15 SP7",
          "product_id": "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Workstation Extension 15 SP7"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64 as component of SUSE Enterprise Storage 7.1",
          "product_id": "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64"
        },
        "product_reference": "xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
        "relates_to_product_reference": "SUSE Enterprise Storage 7.1"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-49175",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-49175"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the X Rendering extension\u0027s handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-49175",
          "url": "https://www.suse.com/security/cve/CVE-2025-49175"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244082 for CVE-2025-49175",
          "url": "https://bugzilla.suse.com/1244082"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-17T15:29:23Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-49175"
    },
    {
      "cve": "CVE-2025-49176",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-49176"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-49176",
          "url": "https://www.suse.com/security/cve/CVE-2025-49176"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244084 for CVE-2025-49176",
          "url": "https://bugzilla.suse.com/1244084"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-17T15:29:23Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-49176"
    },
    {
      "cve": "CVE-2025-49178",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-49178"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the X server\u0027s request handling. Non-zero \u0027bytes to ignore\u0027 in a client\u0027s request can cause the server to skip processing another client\u0027s request, potentially leading to a denial of service.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-49178",
          "url": "https://www.suse.com/security/cve/CVE-2025-49178"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244087 for CVE-2025-49178",
          "url": "https://bugzilla.suse.com/1244087"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 4.7,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-17T15:29:23Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2025-49178"
    },
    {
      "cve": "CVE-2025-49179",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-49179"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-49179",
          "url": "https://www.suse.com/security/cve/CVE-2025-49179"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244089 for CVE-2025-49179",
          "url": "https://bugzilla.suse.com/1244089"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-17T15:29:23Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-49179"
    },
    {
      "cve": "CVE-2025-49180",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-49180"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
          "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
          "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-49180",
          "url": "https://www.suse.com/security/cve/CVE-2025-49180"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1244090 for CVE-2025-49180",
          "url": "https://bugzilla.suse.com/1244090"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Enterprise Storage 7.1:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.aarch64",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.s390x",
            "SUSE Linux Enterprise Server 15 SP3-LTSS:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-extra-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 15 SP3:xorg-x11-server-sdk-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP6:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64",
            "SUSE Linux Enterprise Workstation Extension 15 SP7:xorg-x11-server-wayland-1.20.3-150200.22.5.105.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2025-06-17T15:29:23Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-49180"
    }
  ]
}

CVE-2025-49176 (GCVE-0-2025-49176)

Vulnerability from cvelistv5 – Published: 2025-06-17 14:49 – Updated: 2025-11-20 07:40

Summary

A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check.

Severity ?

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49176	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369954	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 , < * (rpm)
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 , < * (rpm) cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 , < * (rpm) cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Credits

Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49176",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:58:49.779795Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:59:07.660Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:11.348Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "http://www.openwall.com/lists/oss-security/2025/06/18/2"
          },
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the Big Requests extension. The request length is multiplied by 4 before checking against the maximum allowed size, potentially causing an integer overflow and bypassing the size check."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "LOW",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T07:40:19.572Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49176"
        },
        {
          "name": "RHBZ#2369954",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369954"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T07:10:25.307000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in big requests extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49176",
    "datePublished": "2025-06-17T14:49:49.143Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-11-20T07:40:19.572Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-49175 (GCVE-0-2025-49175)

Vulnerability from cvelistv5 – Published: 2025-06-17 14:39 – Updated: 2025-11-20 07:40

Summary

A flaw was found in the X Rendering extension's handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash.

Severity ?

6.1 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

CWE

CWE-125 - Out-of-bounds Read

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49175	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369947	issue-trackingx_refsource_REDHAT
	https://gitlab.freedesktop.org/xorg/xserver/-/com…
	https://gitlab.freedesktop.org/xorg/xserver/-/mer…

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 , < * (rpm)
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 , < * (rpm) cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 , < * (rpm) cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_eus_long_life:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::crb cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Credits

Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49175",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T14:53:24.755088Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T14:53:37.144Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:09.804Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::crb",
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Red Hat would like to thank Julian Suleder and Nils Emmerich for reporting this issue."
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X Rendering extension\u0027s handling of animated cursors. If a client provides no cursors, the server assumes at least one is present, leading to an out-of-bounds read and potential crash."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-125",
              "description": "Out-of-bounds Read",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T07:40:21.070Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49175"
        },
        {
          "name": "RHBZ#2369947",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369947"
        },
        {
          "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/0885e0b26225c90534642fe911632ec0779eebee"
        },
        {
          "url": "https://gitlab.freedesktop.org/xorg/xserver/-/merge_requests/2024"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T05:39:18.827000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: out-of-bounds read in x rendering extension animated cursors",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-125: Out-of-bounds Read"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49175",
    "datePublished": "2025-06-17T14:39:39.428Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-11-20T07:40:21.070Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-49179 (GCVE-0-2025-49179)

Vulnerability from cvelistv5 – Published: 2025-06-17 14:54 – Updated: 2025-11-20 07:40

Summary

A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks.

Severity ?

7.3 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49179	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369978	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 , < * (rpm)
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 , < * (rpm) cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 , < * (rpm) cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49179",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:03:25.523317Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:04:08.505Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:14.402Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X Record extension. The RecordSanityCheckRegisterClients function does not check for an integer overflow when computing request length, which allows a client to bypass length checks."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T07:40:32.429Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49179"
        },
        {
          "name": "RHBZ#2369978",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369978"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:11:40.389000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x record extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49179",
    "datePublished": "2025-06-17T14:54:49.288Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-11-20T07:40:32.429Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-49180 (GCVE-0-2025-49180)

Vulnerability from cvelistv5 – Published: 2025-06-17 15:00 – Updated: 2025-11-20 07:40

Summary

A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate.

Severity ?

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-190 - Integer Overflow or Wraparound

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49180	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369981	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 , < * (rpm)
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 , < * (rpm) cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 , < * (rpm) cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_tus:8.6::appstream cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49180",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:36:37.255035Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:36:48.643Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:19.033Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.6::appstream",
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the RandR extension, where the RRChangeProviderProperty function does not properly validate input. This issue leads to an integer overflow when computing the total size to allocate."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-190",
              "description": "Integer Overflow or Wraparound",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T07:40:43.182Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49180"
        },
        {
          "name": "RHBZ#2369981",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369981"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:14:53.357000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: integer overflow in x resize, rotate and reflect (randr) extension",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-190: Integer Overflow or Wraparound"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49180",
    "datePublished": "2025-06-17T15:00:18.145Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-11-20T07:40:43.182Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-49178 (GCVE-0-2025-49178)

Vulnerability from cvelistv5 – Published: 2025-06-17 14:54 – Updated: 2025-11-20 21:11

Summary

A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.

Severity ?

5.5 (Medium)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CWE

CWE-667 - Improper Locking

Assigner

redhat

References

URL

Tags

	https://access.redhat.com/errata/RHSA-2025:10258	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10342	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10343	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10344	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10346	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10347	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10348	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10349	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10350	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10351	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10352	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10355	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10356	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10360	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10370	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10374	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10375	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10376	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10377	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10378	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10381	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:10410	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9303	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9304	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9305	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9306	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9392	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/errata/RHSA-2025:9964	vendor-advisoryx_refsource_REDHAT
	https://access.redhat.com/security/cve/CVE-2025-49178	vdb-entryx_refsource_REDHAT
	https://bugzilla.redhat.com/show_bug.cgi?id=2369977	issue-trackingx_refsource_REDHAT

Impacted products

Vendor

Product

Version

Red Hat

Red Hat Enterprise Linux 10

Unaffected: 0:24.1.5-4.el10_0 , < * (rpm)
cpe:/o:redhat:enterprise_linux:10.0

Red Hat	Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION	Unaffected: 0:1.1.0-25.el6_10.1 , < * (rpm) cpe:/o:redhat:rhel_els:6
Red Hat	Red Hat Enterprise Linux 7.7 Advanced Update Support	Unaffected: 0:1.8.0-17.el7_7.1 , < * (rpm) cpe:/o:redhat:rhel_aus:7.7::server
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.20.4-32.el7_9 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 7 Extended Lifecycle Support	Unaffected: 0:1.8.0-36.el7_9.2 , < * (rpm) cpe:/o:redhat:rhel_els:7
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.20.11-26.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:21.1.3-18.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::crb cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8	Unaffected: 0:1.15.0-7.el8_10 , < * (rpm) cpe:/a:redhat:enterprise_linux:8::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.9.0-15.el8_2.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.2 Advanced Update Support	Unaffected: 0:1.20.6-4.el8_2 , < * (rpm) cpe:/a:redhat:rhel_aus:8.2::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.10-2.el8_4 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On	Unaffected: 0:1.11.0-8.el8_4.13 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.4::appstream cpe:/a:redhat:rhel_aus:8.4::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Telecommunications Update Service	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.12.0-6.el8_6.14 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:21.1.3-2.el8_6.4 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_eus_long_life:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions	Unaffected: 0:1.20.11-5.el8_6.3 , < * (rpm) cpe:/a:redhat:rhel_aus:8.6::appstream cpe:/a:redhat:rhel_e4s:8.6::appstream cpe:/a:redhat:rhel_tus:8.6::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Telecommunications Update Service	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.20.11-16.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:1.12.0-15.el8_8.14 , < * (rpm) cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions	Unaffected: 0:21.1.3-11.el8_8 , < * (rpm) cpe:/a:redhat:rhel_eus_long_life:8.8::appstream cpe:/a:redhat:rhel_tus:8.8::appstream cpe:/a:redhat:rhel_e4s:8.8::appstream
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.20.11-31.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:23.2.7-4.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream cpe:/a:redhat:enterprise_linux:9::crb
Red Hat	Red Hat Enterprise Linux 9	Unaffected: 0:1.14.1-8.el9_6 , < * (rpm) cpe:/a:redhat:enterprise_linux:9::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:21.1.3-3.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.20.11-11.el9_0 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions	Unaffected: 0:1.11.0-22.el9_0.15 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.0::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:21.1.3-8.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.20.11-18.el9_2 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions	Unaffected: 0:1.12.0-14.el9_2.12 , < * (rpm) cpe:/a:redhat:rhel_e4s:9.2::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:22.1.9-6.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.20.11-26.el9_4 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/a:redhat:rhel_eus:9.4::crb
Red Hat	Red Hat Enterprise Linux 9.4 Extended Update Support	Unaffected: 0:1.13.1-8.el9_4.7 , < * (rpm) cpe:/a:redhat:rhel_eus:9.4::appstream
Red Hat	Red Hat Enterprise Linux 6	cpe:/o:redhat:enterprise_linux:6

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-49178",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-17T15:05:17.851006Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-17T15:05:29.353Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2025-11-03T20:05:12.866Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "url": "https://lists.debian.org/debian-lts-announce/2025/06/msg00028.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10.0"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:24.1.5-4.el10_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:6"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support  - EXTENSION",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.1.0-25.el6_10.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_aus:7.7::server"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-17.el7_7.1",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.4-32.el7_9",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:rhel_els:7"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.8.0-36.el7_9.2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::crb",
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-18.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.15.0-7.el8_10",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.9.0-15.el8_2.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.6-4.el8_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.10-2.el8_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.4::appstream",
            "cpe:/a:redhat:rhel_aus:8.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-8.el8_4.13",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-6.el8_6.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-2.el8_6.4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_aus:8.6::appstream",
            "cpe:/a:redhat:rhel_e4s:8.6::appstream",
            "cpe:/a:redhat:rhel_tus:8.6::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-5.el8_6.3",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-16.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-15.el8_8.14",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream",
            "cpe:/a:redhat:rhel_tus:8.8::appstream",
            "cpe:/a:redhat:rhel_e4s:8.8::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-11.el8_8",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-31.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream",
            "cpe:/a:redhat:enterprise_linux:9::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:23.2.7-4.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:enterprise_linux:9::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.14.1-8.el9_6",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-3.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-11.el9_0",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.0::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.11.0-22.el9_0.15",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:21.1.3-8.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-18.el9_2",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_e4s:9.2::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.12.0-14.el9_2.12",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server-Xwayland",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:22.1.9-6.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream",
            "cpe:/a:redhat:rhel_eus:9.4::crb"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.20.11-26.el9_4",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:rhel_eus:9.4::appstream"
          ],
          "defaultStatus": "affected",
          "packageName": "tigervnc",
          "product": "Red Hat Enterprise Linux 9.4 Extended Update Support",
          "vendor": "Red Hat",
          "versions": [
            {
              "lessThan": "*",
              "status": "unaffected",
              "version": "0:1.13.1-8.el9_4.7",
              "versionType": "rpm"
            }
          ]
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "affected",
          "packageName": "xorg-x11-server",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        }
      ],
      "datePublic": "2025-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in the X server\u0027s request handling. Non-zero \u0027bytes to ignore\u0027 in a client\u0027s request can cause the server to skip processing another client\u0027s request, potentially leading to a denial of service."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Moderate"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 5.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-667",
              "description": "Improper Locking",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-20T21:11:22.439Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "RHSA-2025:10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10258"
        },
        {
          "name": "RHSA-2025:10342",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10342"
        },
        {
          "name": "RHSA-2025:10343",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10343"
        },
        {
          "name": "RHSA-2025:10344",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10344"
        },
        {
          "name": "RHSA-2025:10346",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10346"
        },
        {
          "name": "RHSA-2025:10347",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10347"
        },
        {
          "name": "RHSA-2025:10348",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10348"
        },
        {
          "name": "RHSA-2025:10349",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10349"
        },
        {
          "name": "RHSA-2025:10350",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10350"
        },
        {
          "name": "RHSA-2025:10351",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10351"
        },
        {
          "name": "RHSA-2025:10352",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10352"
        },
        {
          "name": "RHSA-2025:10355",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10355"
        },
        {
          "name": "RHSA-2025:10356",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10356"
        },
        {
          "name": "RHSA-2025:10360",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10360"
        },
        {
          "name": "RHSA-2025:10370",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10370"
        },
        {
          "name": "RHSA-2025:10374",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10374"
        },
        {
          "name": "RHSA-2025:10375",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10375"
        },
        {
          "name": "RHSA-2025:10376",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10376"
        },
        {
          "name": "RHSA-2025:10377",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10377"
        },
        {
          "name": "RHSA-2025:10378",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10378"
        },
        {
          "name": "RHSA-2025:10381",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10381"
        },
        {
          "name": "RHSA-2025:10410",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:10410"
        },
        {
          "name": "RHSA-2025:9303",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9303"
        },
        {
          "name": "RHSA-2025:9304",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9304"
        },
        {
          "name": "RHSA-2025:9305",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9305"
        },
        {
          "name": "RHSA-2025:9306",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9306"
        },
        {
          "name": "RHSA-2025:9392",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9392"
        },
        {
          "name": "RHSA-2025:9964",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2025:9964"
        },
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2025-49178"
        },
        {
          "name": "RHBZ#2369977",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-06-03T10:00:49.274000+00:00",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2025-06-17T00:00:00+00:00",
          "value": "Made public."
        }
      ],
      "title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore",
      "workarounds": [
        {
          "lang": "en",
          "value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."
        }
      ],
      "x_redhatCweChain": "CWE-667: Improper Locking"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2025-49178",
    "datePublished": "2025-06-17T14:54:42.646Z",
    "dateReserved": "2025-06-03T05:38:02.947Z",
    "dateUpdated": "2025-11-20T21:11:22.439Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

SUSE-SU-2025:01977-1

CVE-2025-49176 (GCVE-0-2025-49176)

CVE-2025-49175 (GCVE-0-2025-49175)

CVE-2025-49179 (GCVE-0-2025-49179)

CVE-2025-49180 (GCVE-0-2025-49180)

CVE-2025-49178 (GCVE-0-2025-49178)

Tags

Sightings

Nomenclature