VYPR

Spice Gtk

by Xorg

Source repositories

CVEs (2)

  • CVE-2012-4425Sep 18, 2012
    risk 0.03cvss epss 0.01

    libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges and execute arbitrary code via the DBUS_SYSTEM_BUS_ADDRESS environment variable. NOTE: it could be argued that this is a vulnerability in the…

  • CVE-2020-14355Oct 7, 2020
    risk 0.00cvss epss 0.03

    Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affected by these flaws. These flaws allow a malicious client or server to send…