GCVE - cpe:2.3:a:x.org:libxi:1.6.2:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:x.org:libxi:1.6.2:*:*:*:*:*:*:*

part: a version: 1.6.2 update: *

Vendor	X.Org (`4cd053ee-09df-594a-873d-dbd09ec2f899`)
Product	Libxi (`37c8f91d-5616-5984-9447-74d7162f0929`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
`pkg:deb/debian/libxi`	purl2cpe	2026-06-01 10:14:02.527952
`pkg:deb/ubuntu/libxi`	purl2cpe	2026-06-01 10:14:02.527954
`pkg:github/freedesktop/xorg-libxi`	purl2cpe	2026-06-01 10:14:02.527955
`pkg:rpm/centos/libxi`	purl2cpe	2026-06-01 10:14:02.527957
`pkg:rpm/fedora/libxi`	purl2cpe	2026-06-01 10:14:02.527958
`pkg:rpm/opensuse/libxi`	purl2cpe	2026-06-01 10:14:02.527960

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2013-1998`	vulnerable	2026-06-03 14:32:53.101300	Details available Multiple buffer overflows in X.org libXi 1.7.1 and earlier allow X servers to cause a denial of service (crash) and possibly execute arbitrary code via crafted length or index values to the (1) XGetDeviceButtonMapping, (2) XIPassiveGrabDevice, and (3) XQueryDeviceState functions. Published: 2013-06-15T20:00:00.000Z Updated: 2024-08-06T15:20:37.377Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-1859-1 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html http://www.securityfocus.com/bid/60127 http://www.openwall.com/lists/oss-security/2013/05/23/3	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1995`	vulnerable	2026-06-03 14:32:53.096413	Details available X.org libXi 1.7.1 and earlier allows X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to an unexpected sign extension in the XListInputDevices function. Published: 2013-06-15T20:00:00.000Z Updated: 2024-08-06T15:20:37.439Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-1859-1 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.securityfocus.com/bid/60124	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2013-1984`	vulnerable	2026-06-03 14:32:53.052717	Details available Multiple integer overflows in X.org libXi 1.7.1 and earlier allow X servers to trigger allocation of insufficient memory and a buffer overflow via vectors related to the (1) XGetDeviceControl, (2) XGetFeedbackControl, (3) XGetDeviceDontPropagateList, (4) XGetDeviceMotionEvents, (5) XIGetProperty, (6) XIGetSelectedEvents, (7) XGetDeviceProperties, and (8) XListInputDevices functions. Published: 2013-06-15T19:00:00.000Z Updated: 2024-08-06T15:20:37.417Z Open on db.gcve.eu Reference links http://www.ubuntu.com/usn/USN-1859-1 http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106913.html http://lists.opensuse.org/opensuse-updates/2013-06/msg00161.html http://www.openwall.com/lists/oss-security/2013/05/23/3 http://www.x.org/wiki/Development/Security/Advisory-2013-05-23	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.