GCVE - cpe:2.3:a:x:libx11:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:x:libx11:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	X (`a2acdb6f-4f26-543b-8294-d5d6397c9211`)
Product	Libx11 (`c6059256-7b6e-587d-8262-231f533e091b`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from purl2cpe mapping

PURL mappings

PURL	Source	Last updated
`pkg:bitbucket/janisozaur-test/libx11`	purl2cpe	2026-06-01 10:12:31.315140
`pkg:deb/debian/libx11`	purl2cpe	2026-06-01 10:12:31.315143
`pkg:deb/ubuntu/libx11`	purl2cpe	2026-06-01 10:12:31.315146
`pkg:github/freedesktop/xorg-libx11`	purl2cpe	2026-06-01 10:12:31.315148
`pkg:github/mirror/libx11`	purl2cpe	2026-06-01 10:12:31.315158
`pkg:rpm/centos/libx11`	purl2cpe	2026-06-01 10:12:31.315161
`pkg:rpm/fedora/libx11`	purl2cpe	2026-06-01 10:12:31.315164
`pkg:rpm/opensuse/libx11`	purl2cpe	2026-06-01 10:12:31.315166

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-2004`	vulnerable	2026-06-03 14:32:53.136550	Details available The (1) GetDatabase and (2) _XimParseStringFile functions in X.org libX11 1.5.99.901 (1.6 RC1) and earlier do not restrict the recursion depth when processing directives to include files, which allows X servers to cause a denial of service (stack consumption) via a crafted file. Published: 2013-06-15T20:00:00.000Z Updated: 2024-08-06T15:20:37.362Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-1854-1 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 http://www.debian.org/security/2013/dsa-2693	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1997`	vulnerable	2026-06-03 14:32:53.100736	Details available Multiple buffer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XAllocColorCells, (2) _XkbReadGetDeviceInfoReply, (3) _XkbReadGeomShapes, (4) _XkbReadGetGeometryReply, (5) _XkbReadKeySyms, (6) _XkbReadKeyActions, (7) _XkbReadKeyBehaviors, (8) _XkbReadModifierMap, (9) _XkbReadExplicitComponents, (10) _XkbReadVirtualModMap, (11) _XkbReadGetNamesReply, (12) _XkbReadGetMapReply, (13) _XimXGetReadData, (14) XListFonts, (15) XListExtensions, and (16) XGetFontPath functions. Published: 2013-06-15T20:00:00.000Z Updated: 2024-08-06T15:20:37.449Z Open on db.gcve.eu Reference links http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html http://www.ubuntu.com/usn/USN-1854-1 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23 http://www.debian.org/security/2013/dsa-2693	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1981`	vulnerable	2026-06-03 14:32:53.036754	Details available Multiple integer overflows in X.org libX11 1.5.99.901 (1.6 RC1) and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XQueryFont, (2) _XF86BigfontQueryFont, (3) XListFontsWithInfo, (4) XGetMotionEvents, (5) XListHosts, (6) XGetModifierMapping, (7) XGetPointerMapping, (8) XGetKeyboardMapping, (9) XGetWindowProperty, (10) XGetImage, (11) LoadColornameDB, (12) XrmGetFileDatabase, (13) _XimParseStringFile, or (14) TransFileName functions. Published: 2013-06-15T19:00:00.000Z Updated: 2024-08-06T15:20:37.327Z Open on db.gcve.eu Reference links http://www.securityfocus.com/bid/60120 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106781.html http://www.ubuntu.com/usn/USN-1854-1 http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.