{"id":"JLSEC-2026-475","details":"A vulnerability was found in libX11 due to an integer overflow within the XCreateImage() function. This flaw allows a local user to trigger an integer overflow and execute arbitrary code with elevated privileges.","modified":"2026-05-07T17:15:06.727171Z","published":"2026-05-07T17:12:07.051Z","upstream":["CVE-2023-43787"],"database_specific":{"license":"CC-BY-4.0","sources":[{"modified":"2025-11-04T20:17:07.523Z","database_specific":{"status":"Modified"},"imported":"2026-05-07T16:20:06.049Z","id":"CVE-2023-43787","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2023-43787","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2023-43787","published":"2023-10-10T13:15:22.083Z"}]},"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/01/24/9"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:2145"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:2145"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:2973"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2024:2973"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2023-43787"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2023-43787"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242254"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2242254"},{"type":"WEB","url":"https://jfrog.com/blog/xorg-libx11-vulns-cve-2023-43786-cve-2023-43787-part-two/"},{"type":"WEB","url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00005.html"},{"type":"WEB","url":"https://security.netapp.com/advisory/ntap-20231103-0006/"}],"affected":[{"package":{"name":"Xorg_libX11_jll","ecosystem":"Julia","purl":"pkg:julia/Xorg_libX11_jll?uuid=4f6342f7-b3d2-589e-9d20-edeb45f2b2bc"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.8.12+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-475.json"}}],"schema_version":"1.7.5"}