CVE-2013-4427: Improper Input Validation

May 19, 2014

pyxtrlock does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access to the keyboard or mouse without unlocking the screen via unspecified vectors.

References

seclists.org/oss-sec/2013/q4/109
github.com/leonnnn/pyxtrlock/commit/fd5dafe

Code Behaviors & Features

Detect and mitigate CVE-2013-4427 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →