Vulnerability Details CVE-2022-26530
swaylock before 1.6 allows attackers to trigger a crash and achieve unlocked access to a Wayland compositor.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 67.5%
CVSS Severity
CVSS v3 Score 9.1
CVSS v2 Score 6.4
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2066596
- https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca
- https://github.com/swaywm/swaylock/pull/219
- https://bugzilla.redhat.com/show_bug.cgi?id=2066596
- https://github.com/swaywm/swaylock/commit/1d1c75b6316d21933069a9d201f966d84099f6ca
- https://github.com/swaywm/swaylock/pull/219
Products affected by CVE-2022-26530
-
cpe:2.3:a:swaywm:swaylock:1.0
-
cpe:2.3:a:swaywm:swaylock:1.1
-
cpe:2.3:a:swaywm:swaylock:1.2
-
cpe:2.3:a:swaywm:swaylock:1.3
-
cpe:2.3:a:swaywm:swaylock:1.4
-
cpe:2.3:a:swaywm:swaylock:1.5