Lucene search

K

GoogleOSV:CVE-2018-20022

HistoryDec 19, 2018 - 4:29 p.m.

CVE-2018-20022

2018-12-1916:29:00

Google

osv.dev

12

AI Score

6.2

Confidence

Low

EPSS

0.005

Percentile

77.2%

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure. Combined with another vulnerability, it can be used to leak stack memory layout and in bypassing ASLR

References

ics-cert.kaspersky.com/advisories/klcert-advisories/2018/12/19/klcert-18-032-libvnc-multiple-memory-leaks/

lists.debian.org/debian-lts-announce/2018/12/msg00017.html

lists.debian.org/debian-lts-announce/2019/10/msg00042.html

lists.debian.org/debian-lts-announce/2019/11/msg00033.html

lists.debian.org/debian-lts-announce/2019/12/msg00028.html

security.gentoo.org/glsa/201908-05

security.gentoo.org/glsa/202006-06

usn.ubuntu.com/3877-1/

usn.ubuntu.com/4547-1/

usn.ubuntu.com/4547-2/

usn.ubuntu.com/4587-1/

www.debian.org/security/2019/dsa-4383

AI Score

6.2

Confidence

Low

EPSS

0.005

Percentile

77.2%

Related for OSV:CVE-2018-20022

cvelist1 cve1 debiancve1 ubuntucve1 prion1 nvd1 redhatcve1 veracode1 gentoo2 debian6 nessus25 openvas19 osv8 ubuntu4 mageia2 suse2 rosalinux1