{
  "threat_severity" : "Moderate",
  "public_date" : "2023-10-04T00:00:00Z",
  "bugzilla" : {
    "description" : "libX11: integer overflow in XCreateImage() leading to a heap overflow",
    "id" : "2242254",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2242254"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-122",
  "details" : [ "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. The integer overflow leads to a heap-based buffer overflow (CWE-122), which allows a local user to execute arbitrary code with elevated privileges. Per the CVSS vector (UI:R), exploitation requires user interaction.", "A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. The integer overflow leads to a heap-based buffer overflow (CWE-122), which allows a local user to execute arbitrary code with elevated privileges. Per the CVSS vector (UI:R), exploitation requires user interaction." ],
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2024-05-22T00:00:00Z",
    "advisory" : "RHSA-2024:2973",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "libX11-0:1.6.8-8.el8"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2024-04-30T00:00:00Z",
    "advisory" : "RHSA-2024:2145",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "libX11-0:1.7.0-9.el9"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "libX11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "libX11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-43787\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-43787" ],
  "name" : "CVE-2023-43787",
  "csaw" : false
}