{"id":"CVE-2015-3164","details":"The authentication setup in XWayland 1.16.x and 1.17.x before 1.17.2 starts the server in non-authenticating mode, which allows local users to read from or send information to arbitrary X11 clients via vectors involving a UNIX socket.","modified":"2026-04-16T06:18:42.837986994Z","published":"2015-07-01T14:59:07Z","related":["openSUSE-SU-2024:10518-1"],"references":[{"type":"ADVISORY","url":"http://lists.freedesktop.org/archives/wayland-devel/2015-June/022548.html"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201701-64"},{"type":"WEB","url":"http://lists.opensuse.org/opensuse-updates/2015-06/msg00044.html"},{"type":"WEB","url":"http://www.securityfocus.com/bid/75535"}],"schema_version":"1.7.5"}