rpm package
opensuse/LibVNCServer&distro=openSUSE Leap 15.2
pkg:rpm/opensuse/LibVNCServer&distro=openSUSE%20Leap%2015.2
Vulnerabilities (11)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2020-25708 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Nov 27, 2020 | A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service. |
| CVE-2017-18922 | — | | | < 0.9.10-lp152.9.4.1 | 0.9.10-lp152.9.4.1 | Jun 30, 2020 | It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overflow. |
| CVE-2020-14397 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference. |
| CVE-2020-14398 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. An improperly closed TCP connection causes an infinite loop in libvncclient/sockets.c. |
| CVE-2020-14399 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed." |
| CVE-2020-14400 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary. |
| CVE-2020-14401 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. |
| CVE-2020-14402 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings. |
| CVE-2019-20839 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename. |
| CVE-2019-20840 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode. |
| CVE-2018-21247 | — | | | < 0.9.10-lp152.9.8.1 | 0.9.10-lp152.9.8.1 | Jun 17, 2020 | An issue was discovered in LibVNCServer before 0.9.13. There is an information leak (of uninitialized memory contents) in the libvncclient/rfbproto.c ConnectToRFBRepeater function. |