Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/359654?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "type": "apk", "namespace": "alpine", "name": "libvncserver", "version": "0.9.13-r0", "qualifiers": { "arch": "x86", "distroversion": "v3.13", "reponame": "community" }, "subpath": "", "is_vulnerable": false, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [], "fixing_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77701?format=api", "vulnerability_id": "VCID-3gf3-zrf8-uuc5", "summary": "A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25708", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74116", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74149", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.74154", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.00784", "scoring_system": "epss", "scoring_elements": "0.7414", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-25708" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896739", "reference_id": "1896739", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1896739" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4636-1/", "reference_id": "USN-4636-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4636-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-25708" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3gf3-zrf8-uuc5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77696?format=api", "vulnerability_id": "VCID-9d78-wqhh-pbcn", "summary": "An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14402", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.8582", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85842", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.85843", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.0257", "scoring_system": "epss", "scoring_elements": "0.8584", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14402" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860367", "reference_id": "1860367", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860367" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14402" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9d78-wqhh-pbcn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77686?format=api", "vulnerability_id": "VCID-eks9-j9wf-q7cn", "summary": "libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20839", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.04134", "scoring_system": "epss", "scoring_elements": "0.88842", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.04134", "scoring_system": "epss", "scoring_elements": "0.88859", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.04134", "scoring_system": "epss", "scoring_elements": "0.88857", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20839" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849877", "reference_id": "1849877", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849877" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2019-20839" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eks9-j9wf-q7cn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77697?format=api", "vulnerability_id": "VCID-hh4x-d9pd-ebe4", "summary": "An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14403", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80295", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.8032", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80323", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80319", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14403" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860334", "reference_id": "1860334", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860334" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14403" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-hh4x-d9pd-ebe4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77691?format=api", "vulnerability_id": "VCID-j4zz-yk4y-y7ds", "summary": "An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly \"no trust boundary crossed.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14399", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85524", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85547", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85552", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14399" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860354", "reference_id": "1860354", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860354" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14399" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j4zz-yk4y-y7ds" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77687?format=api", "vulnerability_id": "VCID-jn8p-cbaf-uqc7", "summary": "An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20840", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86689", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86712", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.8671", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.02935", "scoring_system": "epss", "scoring_elements": "0.86707", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2019-20840" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849881", "reference_id": "1849881", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1849881" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2019-20840" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jn8p-cbaf-uqc7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77693?format=api", "vulnerability_id": "VCID-t4ke-zyfm-nqd3", "summary": "An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14401", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01299", "scoring_system": "epss", "scoring_elements": "0.80062", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01299", "scoring_system": "epss", "scoring_elements": "0.80088", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01299", "scoring_system": "epss", "scoring_elements": "0.80092", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01299", "scoring_system": "epss", "scoring_elements": "0.80087", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14401" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860364", "reference_id": "1860364", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860364" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14401" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-t4ke-zyfm-nqd3" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77699?format=api", "vulnerability_id": "VCID-uw43-p37a-syec", "summary": "An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14404", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80295", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.8032", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80323", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01332", "scoring_system": "epss", "scoring_elements": "0.80319", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14404" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860337", "reference_id": "1860337", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860337" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" }, { "reference_url": "https://usn.ubuntu.com/4573-1/", "reference_id": "USN-4573-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4573-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14404" ], "risk_score": 2.5, "exploitability": "0.5", "weighted_severity": "4.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-uw43-p37a-syec" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77700?format=api", "vulnerability_id": "VCID-vdnw-c2k8-pfdy", "summary": "An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14405", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80763", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80791", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80792", "published_at": "2026-06-06T12:55:00Z" }, { "value": "0.01401", "scoring_system": "epss", "scoring_elements": "0.80789", "published_at": "2026-06-07T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14405" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860325", "reference_id": "1860325", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860325" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2021:1811", "reference_id": "RHSA-2021:1811", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2021:1811" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14405" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vdnw-c2k8-pfdy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/77692?format=api", "vulnerability_id": "VCID-yzge-5eyr-3kc8", "summary": "An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14400", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85524", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85547", "published_at": "2026-06-07T12:55:00Z" }, { "value": "0.02462", "scoring_system": "epss", "scoring_elements": "0.85552", "published_at": "2026-06-06T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2020-14400" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860361", "reference_id": "1860361", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1860361" }, { "reference_url": "https://usn.ubuntu.com/4434-1/", "reference_id": "USN-4434-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/4434-1/" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/359654?format=api", "purl": "pkg:apk/alpine/libvncserver@0.9.13-r0?arch=x86&distroversion=v3.13&reponame=community", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" } ], "aliases": [ "CVE-2020-14400" ], "risk_score": 1.1, "exploitability": "0.5", "weighted_severity": "2.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-yzge-5eyr-3kc8" } ], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=x86&distroversion=v3.13&reponame=community" }