GCVE - cpe:2.3:a:x.org:libx11:1.0.3:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:x.org:libx11:1.0.3:*:*:*:*:*:*:*

part: a version: 1.0.3 update: *

Vendor	X.Org (`4cd053ee-09df-594a-873d-dbd09ec2f899`)
Product	Libx11 (`84a5de84-a853-5bde-94dd-9c56e40693b8`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:bitbucket/janisozaur-test/libx11`	purl2cpe	2026-06-01 10:14:02.561097
`pkg:deb/debian/libx11`	purl2cpe	2026-06-01 10:14:02.561098
`pkg:deb/ubuntu/libx11`	purl2cpe	2026-06-01 10:14:02.561100
`pkg:github/freedesktop/xorg-libx11`	purl2cpe	2026-06-01 10:14:02.561101
`pkg:github/mirror/libx11`	purl2cpe	2026-06-01 10:14:02.561102
`pkg:rpm/centos/libx11`	purl2cpe	2026-06-01 10:14:02.561104
`pkg:rpm/fedora/libx11`	purl2cpe	2026-06-01 10:14:02.561105
`pkg:rpm/opensuse/libx11`	purl2cpe	2026-06-01 10:14:02.561107

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-7439`	vulnerable	2026-06-03 14:33:35.752840	Details available Multiple off-by-one errors in the (1) MakeBigReq and (2) SetReqLen macros in include/X11/Xlibint.h in X11R6.x and libX11 before 1.6.0 allow remote attackers to have unspecified impact via a crafted request, which triggers a buffer overflow. Published: 2015-04-16T14:00:00.000Z Updated: 2024-08-06T18:09:16.255Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-2568-1 http://www.oracle.com/technetwork/topics/security/bulletinjul2015-2511963.html http://www.securityfocus.com/bid/73962 http://www.debian.org/security/2015/dsa-3224 http://seclists.org/oss-sec/2015/q2/81	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2006-5397`	vulnerable	2026-06-03 14:27:45.725038	Details available The Xinput module (modules/im/ximcp/imLcIm.c) in X.Org libX11 1.0.2 and 1.0.3 opens a file for reading twice using the same file descriptor, which causes a file descriptor leak that allows local users to read files specified by the XCOMPOSEFILE environment variable via the duplicate file descriptor. Published: 2006-11-03T00:00:00.000Z Updated: 2024-08-07T19:48:30.400Z Open on db.gcve.eu Reference links http://secunia.com/advisories/22749 http://www.securityfocus.com/bid/20845 https://bugs.freedesktop.org/show_bug.cgi?id=8699 http://www.vupen.com/english/advisories/2006/4289 http://secunia.com/advisories/22642	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.