Xcb Security Vulnerabilities and Issues — Xcb CVE List

Lucene search

Xcb ProjectXcb

5 matches found

CVE•added 2021/02/09 11:15 p.m.•227 views

CVE-2021-26958

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because transmutation to the wrong type can happen after xcb::base::cast_event uses std::mem::transmute to return a reference to an arbitrary type.

8.8CVSS9AI score0.00552EPSS

CVE•added 2021/02/09 11:15 p.m.•222 views

CVE-2021-26956

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because bytes from an X server can be interpreted as any data type returned by xcb::xproto::GetPropertyReply::value.

9.8CVSS9.2AI score0.00504EPSS

CVE•added 2021/02/09 11:15 p.m.•68 views

CVE-2021-26957

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because there is an out-of-bounds read in xcb::xproto::change_property(), as demonstrated by a format=32 T=u8 situation where out-of-bounds bytes are sent to an X server.

9.8CVSS9.1AI score0.00504EPSS

CVE•added 2021/02/09 11:15 p.m.•64 views

CVE-2021-26955

An issue was discovered in the xcb crate through 2021-02-04 for Rust. It has a soundness violation because xcb::xproto::GetAtomNameReply::name() calls std::str::from_utf8_unchecked() on unvalidated bytes from an X server.

9.8CVSS9.3AI score0.00504EPSS

CVE•added 2021/01/26 6:15 p.m.•40 views

CVE-2020-36205

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.

5.5CVSS5.4AI score0.00059EPSS