{"url":"http://public2.vulnerablecode.io/api/packages/104309?format=json","purl":"pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie","type":"deb","namespace":"debian","name":"libvncserver","version":"0.9.9+dfsg-6.1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"0.9.11+dfsg-1","latest_non_vulnerable_version":"0.9.15+dfsg-5","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77662?format=json","vulnerability_id":"VCID-anph-aqhs-8qau","summary":"Multiple stack-based buffer overflows in the File Transfer feature in rfbserver.c in LibVNCServer 0.9.9 and earlier allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a (1) long file or (2) directory name or the (3) FileTime attribute in a rfbFileTransferOffer message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6055.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6055.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6055","reference_id":"","reference_type":"","scores":[{"value":"0.11157","scoring_system":"epss","scoring_elements":"0.93626","published_at":"2026-06-04T12:55:00Z"},{"value":"0.11157","scoring_system":"epss","scoring_elements":"0.93636","published_at":"2026-06-06T12:55:00Z"},{"value":"0.11157","scoring_system":"epss","scoring_elements":"0.93635","published_at":"2026-06-07T12:55:00Z"},{"value":"0.11157","scoring_system":"epss","scoring_elements":"0.93634","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6055"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144293","reference_id":"1144293","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144293"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745","reference_id":"762745","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745"},{"reference_url":"https://security.gentoo.org/glsa/201507-07","reference_id":"GLSA-201507-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1826","reference_id":"RHSA-2014:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1827","reference_id":"RHSA-2014:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1827"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0113","reference_id":"RHSA-2015:0113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0113"},{"reference_url":"https://usn.ubuntu.com/2365-1/","reference_id":"USN-2365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2365-1/"},{"reference_url":"https://usn.ubuntu.com/4587-1/","reference_id":"USN-4587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104309?format=json","purl":"pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104305?format=json","purl":"pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"},{"vulnerability":"VCID-878j-2fje-33c9"},{"vulnerability":"VCID-znxq-kbyc-h7cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104303?format=json","purl":"pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104307?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104306?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-5%3Fdistro=trixie"}],"aliases":["CVE-2014-6055"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-anph-aqhs-8qau"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77657?format=json","vulnerability_id":"VCID-cwdf-wcu5-n3gm","summary":"Integer overflow in the MallocFrameBuffer function in vncviewer.c in LibVNCServer 0.9.9 and earlier allows remote VNC servers to cause a denial of service (crash) and possibly execute arbitrary code via an advertisement for a large screen size, which triggers a heap-based buffer overflow.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6051.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6051.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6051","reference_id":"","reference_type":"","scores":[{"value":"0.07984","scoring_system":"epss","scoring_elements":"0.9223","published_at":"2026-06-04T12:55:00Z"},{"value":"0.07984","scoring_system":"epss","scoring_elements":"0.92242","published_at":"2026-06-05T12:55:00Z"},{"value":"0.07984","scoring_system":"epss","scoring_elements":"0.9224","published_at":"2026-06-06T12:55:00Z"},{"value":"0.07984","scoring_system":"epss","scoring_elements":"0.92238","published_at":"2026-06-07T12:55:00Z"},{"value":"0.07984","scoring_system":"epss","scoring_elements":"0.92239","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144287","reference_id":"1144287","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144287"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745","reference_id":"762745","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745"},{"reference_url":"https://security.gentoo.org/glsa/201507-07","reference_id":"GLSA-201507-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-07"},{"reference_url":"https://security.gentoo.org/glsa/201612-36","reference_id":"GLSA-201612-36","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201612-36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1826","reference_id":"RHSA-2014:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2015:0113","reference_id":"RHSA-2015:0113","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2015:0113"},{"reference_url":"https://usn.ubuntu.com/2365-1/","reference_id":"USN-2365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2365-1/"},{"reference_url":"https://usn.ubuntu.com/4587-1/","reference_id":"USN-4587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104309?format=json","purl":"pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104305?format=json","purl":"pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"},{"vulnerability":"VCID-878j-2fje-33c9"},{"vulnerability":"VCID-znxq-kbyc-h7cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104303?format=json","purl":"pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104307?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104306?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-5%3Fdistro=trixie"}],"aliases":["CVE-2014-6051"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-cwdf-wcu5-n3gm"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77658?format=json","vulnerability_id":"VCID-e1ts-esgr-xfgj","summary":"The HandleRFBServerMessage function in libvncclient/rfbproto.c in LibVNCServer 0.9.9 and earlier does not check certain malloc return values, which allows remote VNC servers to cause a denial of service (application crash) or possibly execute arbitrary code by specifying a large screen size in a (1) FramebufferUpdate, (2) ResizeFrameBuffer, or (3) PalmVNCReSizeFrameBuffer message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6052.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6052.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6052","reference_id":"","reference_type":"","scores":[{"value":"0.0454","scoring_system":"epss","scoring_elements":"0.89364","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0454","scoring_system":"epss","scoring_elements":"0.89383","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0454","scoring_system":"epss","scoring_elements":"0.89382","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0454","scoring_system":"epss","scoring_elements":"0.89381","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144288","reference_id":"1144288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144288"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745","reference_id":"762745","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745"},{"reference_url":"https://security.gentoo.org/glsa/201507-07","reference_id":"GLSA-201507-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1826","reference_id":"RHSA-2014:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1826"},{"reference_url":"https://usn.ubuntu.com/2365-1/","reference_id":"USN-2365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2365-1/"},{"reference_url":"https://usn.ubuntu.com/4587-1/","reference_id":"USN-4587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104309?format=json","purl":"pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104305?format=json","purl":"pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"},{"vulnerability":"VCID-878j-2fje-33c9"},{"vulnerability":"VCID-znxq-kbyc-h7cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104303?format=json","purl":"pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104307?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104306?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-5%3Fdistro=trixie"}],"aliases":["CVE-2014-6052"],"risk_score":null,"exploitability":"0.5","weighted_severity":"0.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-e1ts-esgr-xfgj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77660?format=json","vulnerability_id":"VCID-n7ve-shr4-fuef","summary":"The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier does not properly handle attempts to send a large amount of ClientCutText data, which allows remote attackers to cause a denial of service (memory consumption or daemon crash) via a crafted message that is processed by using a single unchecked malloc.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6053.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6053","reference_id":"","reference_type":"","scores":[{"value":"0.36865","scoring_system":"epss","scoring_elements":"0.97236","published_at":"2026-06-04T12:55:00Z"},{"value":"0.36865","scoring_system":"epss","scoring_elements":"0.97239","published_at":"2026-06-05T12:55:00Z"},{"value":"0.36865","scoring_system":"epss","scoring_elements":"0.97241","published_at":"2026-06-06T12:55:00Z"},{"value":"0.36865","scoring_system":"epss","scoring_elements":"0.97243","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144289","reference_id":"1144289","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144289"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745","reference_id":"762745","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784","reference_id":"945784","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945784"},{"reference_url":"https://security.gentoo.org/glsa/201507-07","reference_id":"GLSA-201507-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1826","reference_id":"RHSA-2014:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1827","reference_id":"RHSA-2014:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1827"},{"reference_url":"https://usn.ubuntu.com/2365-1/","reference_id":"USN-2365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2365-1/"},{"reference_url":"https://usn.ubuntu.com/4573-1/","reference_id":"USN-4573-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4573-1/"},{"reference_url":"https://usn.ubuntu.com/4587-1/","reference_id":"USN-4587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104309?format=json","purl":"pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104305?format=json","purl":"pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"},{"vulnerability":"VCID-878j-2fje-33c9"},{"vulnerability":"VCID-znxq-kbyc-h7cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104303?format=json","purl":"pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104307?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104306?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-5%3Fdistro=trixie"}],"aliases":["CVE-2014-6053"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-n7ve-shr4-fuef"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/77661?format=json","vulnerability_id":"VCID-wzd7-av4a-g7bj","summary":"The rfbProcessClientNormalMessage function in libvncserver/rfbserver.c in LibVNCServer 0.9.9 and earlier allows remote attackers to cause a denial of service (divide-by-zero error and server crash) via a zero value in the scaling factor in a (1) PalmVNCSetScaleFactor or (2) SetScale message.","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6054.json","reference_id":"","reference_type":"","scores":[],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6054.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6054","reference_id":"","reference_type":"","scores":[{"value":"0.37747","scoring_system":"epss","scoring_elements":"0.97287","published_at":"2026-06-04T12:55:00Z"},{"value":"0.37747","scoring_system":"epss","scoring_elements":"0.97292","published_at":"2026-06-05T12:55:00Z"},{"value":"0.37747","scoring_system":"epss","scoring_elements":"0.97293","published_at":"2026-06-06T12:55:00Z"},{"value":"0.37747","scoring_system":"epss","scoring_elements":"0.97294","published_at":"2026-06-07T12:55:00Z"},{"value":"0.37747","scoring_system":"epss","scoring_elements":"0.97295","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6051"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6052"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6053"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6054"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6055"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144291","reference_id":"1144291","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1144291"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745","reference_id":"762745","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762745"},{"reference_url":"https://security.gentoo.org/glsa/201507-07","reference_id":"GLSA-201507-07","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201507-07"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1826","reference_id":"RHSA-2014:1826","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1826"},{"reference_url":"https://access.redhat.com/errata/RHSA-2014:1827","reference_id":"RHSA-2014:1827","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2014:1827"},{"reference_url":"https://usn.ubuntu.com/2365-1/","reference_id":"USN-2365-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/2365-1/"},{"reference_url":"https://usn.ubuntu.com/4587-1/","reference_id":"USN-4587-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/4587-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/104309?format=json","purl":"pkg:deb/debian/libvncserver@0.9.9%2Bdfsg-6.1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104305?format=json","purl":"pkg:deb/debian/libvncserver@0.9.13%2Bdfsg-2%2Bdeb11u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"},{"vulnerability":"VCID-878j-2fje-33c9"},{"vulnerability":"VCID-znxq-kbyc-h7cd"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.13%252Bdfsg-2%252Bdeb11u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104303?format=json","purl":"pkg:deb/debian/libvncserver@0.9.14%2Bdfsg-1%2Bdeb12u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.14%252Bdfsg-1%252Bdeb12u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104307?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-29gt-w9qk-a3ac"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/104306?format=json","purl":"pkg:deb/debian/libvncserver@0.9.15%2Bdfsg-5?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.15%252Bdfsg-5%3Fdistro=trixie"}],"aliases":["CVE-2014-6054"],"risk_score":0.1,"exploitability":"0.5","weighted_severity":"0.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wzd7-av4a-g7bj"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/libvncserver@0.9.9%252Bdfsg-6.1%3Fdistro=trixie"}