CVE-2013-4426: pyxtrlock mis-spelled variable name

May 19, 2014

pyxtrlock uses an incorrect variable name, which allows physically proximate attackers to bypass the lock screen via multiple failed authentication attempts, which trigger a crash.

References

seclists.org/oss-sec/2013/q4/109
github.com/leonnnn/pyxtrlock/issues/8

Code Behaviors & Features

Detect and mitigate CVE-2013-4426 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →