CVE-2022-3553

low-risk

Published 2022-10-17

A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier VDB-211053 was assigned to this vulnerability.

Do I need to act?

0.12% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 3.5/10 Low

ADJACENT_NETWORK / LOW complexity

Affected Products (1)

X Server

Affected Vendors

X.Org

References (6)

Mailing List https://cgit.freedesktop.org/xorg/xserver/commit/?id=dfd057996b26420309c324ec844...

https://security.gentoo.org/glsa/202305-30

Third Party Advisory https://vuldb.com/?id.211053

Mailing List https://cgit.freedesktop.org/xorg/xserver/commit/?id=dfd057996b26420309c324ec844...

https://security.gentoo.org/glsa/202305-30

Third Party Advisory https://vuldb.com/?id.211053

/ 100

low-risk

Severity 13/34 · Low

Exploitability 1/34 · Minimal

Exposure 5/34 · Minimal