{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-49178", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2025-06-03T05:38:02.947Z", "datePublished": "2025-06-17T14:54:42.646Z", "dateUpdated": "2025-09-25T18:28:12.515Z"}, "containers": {"cna": {"title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service."}], "affected": [{"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:24.1.5-4.el10_0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:enterprise_linux:10.0"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.1.0-25.el6_10.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_els:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.8.0-17.el7_7.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_aus:7.7::server"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.4-32.el7_9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_els:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.8.0-36.el7_9.2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_els:7"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-26.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-18.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.15.0-7.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.9.0-15.el8_2.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_aus:8.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.6-4.el8_2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_aus:8.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.10-2.el8_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.11.0-8.el8_4.13", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.10-2.el8_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.11.0-8.el8_4.13", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-5.el8_6.3", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-5.el8_6.3", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-5.el8_6.3", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-16.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-11.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-16.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-15.el8_8.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-11.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-16.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-15.el8_8.14", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-11.el8_8", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-31.el9_6", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:23.2.7-4.el9_6", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.14.1-8.el9_6", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-3.el9_0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-11.el9_0", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.11.0-22.el9_0.15", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:21.1.3-8.el9_2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-18.el9_2", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.12.0-14.el9_2.12", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server-Xwayland", "defaultStatus": "affected", "versions": [{"version": "0:22.1.9-6.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "versions": [{"version": "0:1.20.11-26.el9_4", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/a:redhat:rhel_eus:9.4::crb"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "tigervnc", "defaultStatus": "affected", "versions": [{"version": "0:1.13.1-8.el9_4.7", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "xorg-x11-server", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:10258", "name": "RHSA-2025:10258", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10342", "name": "RHSA-2025:10342", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10343", "name": "RHSA-2025:10343", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10344", "name": "RHSA-2025:10344", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10346", "name": "RHSA-2025:10346", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10347", "name": "RHSA-2025:10347", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10348", "name": "RHSA-2025:10348", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10349", "name": "RHSA-2025:10349", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10350", "name": "RHSA-2025:10350", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10351", "name": "RHSA-2025:10351", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10352", "name": "RHSA-2025:10352", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10355", "name": "RHSA-2025:10355", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10356", "name": "RHSA-2025:10356", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10360", "name": "RHSA-2025:10360", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10370", "name": "RHSA-2025:10370", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10374", "name": "RHSA-2025:10374", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10375", "name": "RHSA-2025:10375", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10376", "name": "RHSA-2025:10376", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10377", "name": "RHSA-2025:10377", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10378", "name": "RHSA-2025:10378", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10381", "name": "RHSA-2025:10381", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10410", "name": "RHSA-2025:10410", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9303", "name": "RHSA-2025:9303", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9304", "name": "RHSA-2025:9304", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9305", "name": "RHSA-2025:9305", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9306", "name": "RHSA-2025:9306", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9392", "name": "RHSA-2025:9392", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9964", "name": "RHSA-2025:9964", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-49178", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977", "name": "RHBZ#2369977", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "datePublic": "2025-06-17T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-667", "description": "Improper Locking", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-667: Improper Locking", "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}], "timeline": [{"lang": "en", "time": "2025-06-03T10:00:49.274000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-06-17T00:00:00+00:00", "value": "Made public."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-09-25T18:28:12.515Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-17T15:05:17.851006Z", "id": "CVE-2025-49178", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T15:05:29.353Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-49178", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-17T15:05:17.851006Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T15:05:21.157Z"}}], "cna": {"title": "Xorg-x11-server-xwayland: xorg-x11-server: tigervnc: unprocessed client request due to bytes to ignore", "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}}], "affected": [{"cpes": ["cpe:/o:redhat:enterprise_linux:10.0"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 10", "versions": [{"status": "unaffected", "version": "0:24.1.5-4.el10_0", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_els:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION", "versions": [{"status": "unaffected", "version": "0:1.1.0-25.el6_10.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_aus:7.7::server"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "versions": [{"status": "unaffected", "version": "0:1.8.0-17.el7_7.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_els:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "versions": [{"status": "unaffected", "version": "0:1.20.4-32.el7_9", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_els:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "versions": [{"status": "unaffected", "version": "0:1.8.0-36.el7_9.2", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:1.20.11-26.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/a:redhat:enterprise_linux:8::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:21.1.3-18.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:1.15.0-7.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_aus:8.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "versions": [{"status": "unaffected", "version": "0:1.9.0-15.el8_2.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_aus:8.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "versions": [{"status": "unaffected", "version": "0:1.20.6-4.el8_2", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:1.20.10-2.el8_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:1.11.0-8.el8_4.13", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:1.20.10-2.el8_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus_long_life:8.4::appstream", "cpe:/a:redhat:rhel_aus:8.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:1.11.0-8.el8_4.13", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "versions": [{"status": "unaffected", "version": "0:1.20.11-5.el8_6.3", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:1.20.11-5.el8_6.3", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.12.0-6.el8_6.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:21.1.3-2.el8_6.4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:8.6::appstream", "cpe:/a:redhat:rhel_aus:8.6::appstream", "cpe:/a:redhat:rhel_tus:8.6::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.20.11-5.el8_6.3", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:1.20.11-16.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Extended Update Support Long-Life Add-On", "versions": [{"status": "unaffected", "version": "0:21.1.3-11.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:1.20.11-16.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:1.12.0-15.el8_8.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "versions": [{"status": "unaffected", "version": "0:21.1.3-11.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.20.11-16.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.12.0-15.el8_8.14", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_tus:8.8::appstream", "cpe:/a:redhat:rhel_eus_long_life:8.8::appstream", "cpe:/a:redhat:rhel_e4s:8.8::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:21.1.3-11.el8_8", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:1.20.11-31.el9_6", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/a:redhat:enterprise_linux:9::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:23.2.7-4.el9_6", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:1.14.1-8.el9_6", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:21.1.3-3.el9_0", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.20.11-11.el9_0", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.0::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.11.0-22.el9_0.15", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:21.1.3-8.el9_2", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.20.11-18.el9_2", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_e4s:9.2::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "versions": [{"status": "unaffected", "version": "0:1.12.0-14.el9_2.12", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:22.1.9-6.el9_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server-Xwayland", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream", "cpe:/a:redhat:rhel_eus:9.4::crb"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:1.20.11-26.el9_4", "lessThan": "*", "versionType": "rpm"}], "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:rhel_eus:9.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:1.13.1-8.el9_4.7", "lessThan": "*", "versionType": "rpm"}], "packageName": "tigervnc", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "xorg-x11-server", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-06-03T10:00:49.274000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-06-17T00:00:00+00:00", "value": "Made public."}], "datePublic": "2025-06-17T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:10258", "name": "RHSA-2025:10258", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10342", "name": "RHSA-2025:10342", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10343", "name": "RHSA-2025:10343", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10344", "name": "RHSA-2025:10344", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10346", "name": "RHSA-2025:10346", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10347", "name": "RHSA-2025:10347", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10348", "name": "RHSA-2025:10348", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10349", "name": "RHSA-2025:10349", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10350", "name": "RHSA-2025:10350", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10351", "name": "RHSA-2025:10351", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10352", "name": "RHSA-2025:10352", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10355", "name": "RHSA-2025:10355", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10356", "name": "RHSA-2025:10356", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10360", "name": "RHSA-2025:10360", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10370", "name": "RHSA-2025:10370", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10374", "name": "RHSA-2025:10374", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10375", "name": "RHSA-2025:10375", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10376", "name": "RHSA-2025:10376", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10377", "name": "RHSA-2025:10377", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10378", "name": "RHSA-2025:10378", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10381", "name": "RHSA-2025:10381", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:10410", "name": "RHSA-2025:10410", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9303", "name": "RHSA-2025:9303", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9304", "name": "RHSA-2025:9304", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9305", "name": "RHSA-2025:9305", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9306", "name": "RHSA-2025:9306", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9392", "name": "RHSA-2025:9392", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:9964", "name": "RHSA-2025:9964", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2025-49178", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977", "name": "RHBZ#2369977", "tags": ["issue-tracking", "x_refsource_REDHAT"]}], "workarounds": [{"lang": "en", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}], "descriptions": [{"lang": "en", "value": "A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-667", "description": "Improper Locking"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-09-25T18:28:12.515Z"}, "x_redhatCweChain": "CWE-667: Improper Locking"}}, "cveMetadata": {"cveId": "CVE-2025-49178", "state": "PUBLISHED", "dateUpdated": "2025-09-25T18:28:12.515Z", "dateReserved": "2025-06-03T05:38:02.947Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-06-17T14:54:42.646Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en el manejo de solicitudes del servidor X. Los \"bytes a ignorar\" distintos de cero en la solicitud de un cliente pueden provocar que el servidor omita el procesamiento de la solicitud de otro cliente, lo que puede conducir a una denegaci\u00f3n de servicio."}], "id": "CVE-2025-49178", "lastModified": "2025-07-07T15:15:26.997", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2025-06-17T15:15:45.813", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10258"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10342"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10343"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10344"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10346"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10347"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10348"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10349"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10350"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10351"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10352"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10355"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10356"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10360"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10370"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10374"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10375"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10376"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10377"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10378"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10381"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:10410"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9303"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9304"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9305"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9306"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9392"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:9964"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2025-49178"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-667"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"affected_release": [{"advisory": "RHSA-2025:9304", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "xorg-x11-server-Xwayland-0:24.1.5-4.el10_0", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:10377", "cpe": "cpe:/o:redhat:rhel_els:6", "package": "tigervnc-0:1.1.0-25.el6_10.1", "product_name": "Red Hat Enterprise Linux 6 Extended Lifecycle Support - EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10376", "cpe": "cpe:/o:redhat:rhel_aus:7.7", "package": "tigervnc-0:1.8.0-17.el7_7.1", "product_name": "Red Hat Enterprise Linux 7.7 Advanced Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10360", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "xorg-x11-server-0:1.20.4-32.el7_9", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10375", "cpe": "cpe:/o:redhat:rhel_els:7", "package": "tigervnc-0:1.8.0-36.el7_9.2", "product_name": "Red Hat Enterprise Linux 7 Extended Lifecycle Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:9305", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "xorg-x11-server-0:1.20.11-26.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9305", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "xorg-x11-server-Xwayland-0:21.1.3-18.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9392", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "tigervnc-0:1.15.0-7.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:10378", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "tigervnc-0:1.9.0-15.el8_2.14", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:9964", "cpe": "cpe:/a:redhat:rhel_aus:8.2", "package": "xorg-x11-server-0:1.20.6-4.el8_2", "product_name": "Red Hat Enterprise Linux 8.2 Advanced Update Support", "release_date": "2025-06-30T00:00:00Z"}, {"advisory": "RHSA-2025:10342", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "xorg-x11-server-0:1.20.10-2.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10349", "cpe": "cpe:/a:redhat:rhel_aus:8.4", "package": "tigervnc-0:1.11.0-8.el8_4.13", "product_name": "Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10342", "cpe": "cpe:/a:redhat:rhel_eus_long_life:8.4", "package": "xorg-x11-server-0:1.20.10-2.el8_4", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10349", "cpe": "cpe:/a:redhat:rhel_eus_long_life:8.4", "package": "tigervnc-0:1.11.0-8.el8_4.13", "product_name": "Red Hat Enterprise Linux 8.4 Extended Update Support EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10344", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "tigervnc-0:1.12.0-6.el8_6.14", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10346", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "xorg-x11-server-Xwayland-0:21.1.3-2.el8_6.4", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10356", "cpe": "cpe:/a:redhat:rhel_aus:8.6", "package": "xorg-x11-server-0:1.20.11-5.el8_6.3", "product_name": "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10344", "cpe": "cpe:/a:redhat:rhel_eus_long_life:8.6", "package": "tigervnc-0:1.12.0-6.el8_6.14", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10346", "cpe": "cpe:/a:redhat:rhel_eus_long_life:8.6", "package": "xorg-x11-server-Xwayland-0:21.1.3-2.el8_6.4", "product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10344", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "tigervnc-0:1.12.0-6.el8_6.14", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10346", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "xorg-x11-server-Xwayland-0:21.1.3-2.el8_6.4", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10356", "cpe": "cpe:/a:redhat:rhel_tus:8.6", "package": "xorg-x11-server-0:1.20.11-5.el8_6.3", "product_name": "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10344", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "tigervnc-0:1.12.0-6.el8_6.14", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10346", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "xorg-x11-server-Xwayland-0:21.1.3-2.el8_6.4", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10356", "cpe": "cpe:/a:redhat:rhel_e4s:8.6", "package": "xorg-x11-server-0:1.20.11-5.el8_6.3", "product_name": "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10343", "cpe": "cpe:/a:redhat:rhel_eus_long_life:8.8", "package": "xorg-x11-server-0:1.20.11-16.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10370", "cpe": "cpe:/a:redhat:rhel_eus_long_life:8.8", "package": "xorg-x11-server-Xwayland-0:21.1.3-11.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support EXTENSION", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10343", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "xorg-x11-server-0:1.20.11-16.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10355", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "tigervnc-0:1.12.0-15.el8_8.14", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10370", "cpe": "cpe:/a:redhat:rhel_tus:8.8", "package": "xorg-x11-server-Xwayland-0:21.1.3-11.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Telecommunications Update Service", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10343", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "xorg-x11-server-0:1.20.11-16.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10355", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "tigervnc-0:1.12.0-15.el8_8.14", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10370", "cpe": "cpe:/a:redhat:rhel_e4s:8.8", "package": "xorg-x11-server-Xwayland-0:21.1.3-11.el8_8", "product_name": "Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:9303", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "xorg-x11-server-0:1.20.11-31.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9303", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "xorg-x11-server-Xwayland-0:23.2.7-4.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:9306", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "tigervnc-0:1.14.1-8.el9_6", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-06-23T00:00:00Z"}, {"advisory": "RHSA-2025:10348", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "xorg-x11-server-Xwayland-0:21.1.3-3.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10352", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "xorg-x11-server-0:1.20.11-11.el9_0", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10381", "cpe": "cpe:/a:redhat:rhel_e4s:9.0", "package": "tigervnc-0:1.11.0-22.el9_0.15", "product_name": "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10347", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "xorg-x11-server-Xwayland-0:21.1.3-8.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10350", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "xorg-x11-server-0:1.20.11-18.el9_2", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10410", "cpe": "cpe:/a:redhat:rhel_e4s:9.2", "package": "tigervnc-0:1.12.0-14.el9_2.12", "product_name": "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10258", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "xorg-x11-server-Xwayland-0:22.1.9-6.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-07-02T00:00:00Z"}, {"advisory": "RHSA-2025:10351", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "xorg-x11-server-0:1.20.11-26.el9_4", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-07-07T00:00:00Z"}, {"advisory": "RHSA-2025:10374", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "tigervnc-0:1.13.1-8.el9_4.7", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-07-07T00:00:00Z"}], "bugzilla": {"description": "xorg-x11-server-Xwayland: xorg-x11-server: tigervnc: Unprocessed Client Request Due to Bytes to Ignore", "id": "2369977", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2369977"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-667", "details": ["A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service.", "A flaw was found in the X server's request handling. Non-zero 'bytes to ignore' in a client's request can cause the server to skip processing another client's request, potentially leading to a denial of service."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-49178", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Will not fix", "package_name": "xorg-x11-server", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2025-06-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-49178\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-49178"], "statement": "This vulnerability is rated as a moderate severity because the flaw exists in the X server\u2019s request handling logic, where the \u201cbytes to ignore\u201d field in a client request is not properly validated. A malicious client can submit a request specifying a non-zero 'bytes to ignore' value that exceeds the actual request size, causing the server to advance its internal input pointer incorrectly. As a result, the server may skip over pending requests from other clients, disrupting normal processing and effectively denying service to legitimate users. This vulnerability primarily impacts system availability", "threat_severity": "Moderate"}

{}