Description
pyxtrlock before 0.2 does not properly check the return values of the (1) xcb_grab_pointer and (2) xcb_grab_keyboard XCB library functions, which allows physically proximate attackers to gain access to the keyboard or mouse without unlocking the screen via unspecified vectors.
References (3)
Core 3
Core References
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/09/25/16
Various Sources x_refsource_confirm
https://github.com/leonnnn/pyxtrlock/blob/master/CHANGELOG
Mailing List mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2013/10/16/8
Scores
EPSS
0.0007
EPSS Percentile
21.0%
Details
CWE
CWE-20
Status
published
Products (2)
leon_weber/pyxtrlock
0.1 beta
leon_weber/pyxtrlock
< 0.1
Published
May 19, 2014
Tracked Since
Feb 18, 2026