Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
Typeapk
Namespacealpine
Namelibvncserver
Version0.9.13-r0
Qualifiers
arch armv7
distroversion v3.22
reponame community
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version0.9.13-r5
Latest_non_vulnerable_version0.9.13-r5
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-3gf3-zrf8-uuc5
vulnerability_id VCID-3gf3-zrf8-uuc5
summary A divide by zero issue was found to occur in libvncserver-0.9.12. A malicious client could use this flaw to send a specially crafted message that, when processed by the VNC server, would lead to a floating point exception, resulting in a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-25708.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-25708
reference_id
reference_type
scores
0
value 0.00784
scoring_system epss
scoring_elements 0.74116
published_at 2026-06-04T12:55:00Z
1
value 0.00784
scoring_system epss
scoring_elements 0.74149
published_at 2026-06-05T12:55:00Z
2
value 0.00784
scoring_system epss
scoring_elements 0.74154
published_at 2026-06-06T12:55:00Z
3
value 0.00784
scoring_system epss
scoring_elements 0.7414
published_at 2026-06-07T12:55:00Z
4
value 0.00784
scoring_system epss
scoring_elements 0.74123
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-25708
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25708
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1896739
reference_id 1896739
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1896739
4
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
5
reference_url https://usn.ubuntu.com/4636-1/
reference_id USN-4636-1
reference_type
scores
url https://usn.ubuntu.com/4636-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-25708
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3gf3-zrf8-uuc5
1
url VCID-72vg-qxu9-nkfy
vulnerability_id VCID-72vg-qxu9-nkfy
summary An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14397.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14397
reference_id
reference_type
scores
0
value 0.04438
scoring_system epss
scoring_elements 0.89236
published_at 2026-06-04T12:55:00Z
1
value 0.04438
scoring_system epss
scoring_elements 0.89253
published_at 2026-06-05T12:55:00Z
2
value 0.04438
scoring_system epss
scoring_elements 0.89254
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14397
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14397
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860344
reference_id 1860344
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860344
5
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
6
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
7
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14397
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-72vg-qxu9-nkfy
2
url VCID-9d78-wqhh-pbcn
vulnerability_id VCID-9d78-wqhh-pbcn
summary An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14402.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14402
reference_id
reference_type
scores
0
value 0.0257
scoring_system epss
scoring_elements 0.8582
published_at 2026-06-04T12:55:00Z
1
value 0.0257
scoring_system epss
scoring_elements 0.85842
published_at 2026-06-05T12:55:00Z
2
value 0.0257
scoring_system epss
scoring_elements 0.85825
published_at 2026-06-08T12:55:00Z
3
value 0.0257
scoring_system epss
scoring_elements 0.85843
published_at 2026-06-06T12:55:00Z
4
value 0.0257
scoring_system epss
scoring_elements 0.8584
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14402
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14402
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860367
reference_id 1860367
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860367
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
6
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14402
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9d78-wqhh-pbcn
3
url VCID-eks9-j9wf-q7cn
vulnerability_id VCID-eks9-j9wf-q7cn
summary libvncclient/sockets.c in LibVNCServer before 0.9.13 has a buffer overflow via a long socket filename.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20839.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20839
reference_id
reference_type
scores
0
value 0.04134
scoring_system epss
scoring_elements 0.88842
published_at 2026-06-04T12:55:00Z
1
value 0.04134
scoring_system epss
scoring_elements 0.88859
published_at 2026-06-06T12:55:00Z
2
value 0.04134
scoring_system epss
scoring_elements 0.88857
published_at 2026-06-07T12:55:00Z
3
value 0.04134
scoring_system epss
scoring_elements 0.88856
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20839
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20839
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1849877
reference_id 1849877
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1849877
5
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
6
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2019-20839
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-eks9-j9wf-q7cn
4
url VCID-hh4x-d9pd-ebe4
vulnerability_id VCID-hh4x-d9pd-ebe4
summary An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14403.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14403
reference_id
reference_type
scores
0
value 0.01332
scoring_system epss
scoring_elements 0.80295
published_at 2026-06-04T12:55:00Z
1
value 0.01332
scoring_system epss
scoring_elements 0.8032
published_at 2026-06-05T12:55:00Z
2
value 0.01332
scoring_system epss
scoring_elements 0.80312
published_at 2026-06-08T12:55:00Z
3
value 0.01332
scoring_system epss
scoring_elements 0.80323
published_at 2026-06-06T12:55:00Z
4
value 0.01332
scoring_system epss
scoring_elements 0.80319
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14403
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14403
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860334
reference_id 1860334
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860334
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
6
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14403
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hh4x-d9pd-ebe4
5
url VCID-j4zz-yk4y-y7ds
vulnerability_id VCID-j4zz-yk4y-y7ds
summary An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint32_t pointers in libvncclient/rfbproto.c. NOTE: there is reportedly "no trust boundary crossed.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14399.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14399
reference_id
reference_type
scores
0
value 0.02462
scoring_system epss
scoring_elements 0.85524
published_at 2026-06-04T12:55:00Z
1
value 0.02462
scoring_system epss
scoring_elements 0.85547
published_at 2026-06-07T12:55:00Z
2
value 0.02462
scoring_system epss
scoring_elements 0.85552
published_at 2026-06-06T12:55:00Z
3
value 0.02462
scoring_system epss
scoring_elements 0.85532
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14399
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14399
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860354
reference_id 1860354
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860354
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14399
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j4zz-yk4y-y7ds
6
url VCID-jn8p-cbaf-uqc7
vulnerability_id VCID-jn8p-cbaf-uqc7
summary An issue was discovered in LibVNCServer before 0.9.13. libvncserver/ws_decode.c can lead to a crash because of unaligned accesses in hybiReadAndDecode.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-20840.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-20840
reference_id
reference_type
scores
0
value 0.02935
scoring_system epss
scoring_elements 0.86689
published_at 2026-06-04T12:55:00Z
1
value 0.02935
scoring_system epss
scoring_elements 0.86712
published_at 2026-06-05T12:55:00Z
2
value 0.02935
scoring_system epss
scoring_elements 0.86697
published_at 2026-06-08T12:55:00Z
3
value 0.02935
scoring_system epss
scoring_elements 0.8671
published_at 2026-06-06T12:55:00Z
4
value 0.02935
scoring_system epss
scoring_elements 0.86707
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-20840
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-20840
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1849881
reference_id 1849881
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1849881
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2019-20840
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jn8p-cbaf-uqc7
7
url VCID-t4ke-zyfm-nqd3
vulnerability_id VCID-t4ke-zyfm-nqd3
summary An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14401.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14401
reference_id
reference_type
scores
0
value 0.01299
scoring_system epss
scoring_elements 0.80062
published_at 2026-06-04T12:55:00Z
1
value 0.01299
scoring_system epss
scoring_elements 0.80088
published_at 2026-06-05T12:55:00Z
2
value 0.01299
scoring_system epss
scoring_elements 0.80078
published_at 2026-06-08T12:55:00Z
3
value 0.01299
scoring_system epss
scoring_elements 0.80092
published_at 2026-06-06T12:55:00Z
4
value 0.01299
scoring_system epss
scoring_elements 0.80087
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14401
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14401
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860364
reference_id 1860364
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860364
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14401
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t4ke-zyfm-nqd3
8
url VCID-uw43-p37a-syec
vulnerability_id VCID-uw43-p37a-syec
summary An issue was discovered in LibVNCServer before 0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json
reference_id
reference_type
scores
0
value 5.4
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14404.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14404
reference_id
reference_type
scores
0
value 0.01332
scoring_system epss
scoring_elements 0.80295
published_at 2026-06-04T12:55:00Z
1
value 0.01332
scoring_system epss
scoring_elements 0.8032
published_at 2026-06-05T12:55:00Z
2
value 0.01332
scoring_system epss
scoring_elements 0.80312
published_at 2026-06-08T12:55:00Z
3
value 0.01332
scoring_system epss
scoring_elements 0.80323
published_at 2026-06-06T12:55:00Z
4
value 0.01332
scoring_system epss
scoring_elements 0.80319
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14404
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14404
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860337
reference_id 1860337
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860337
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
6
reference_url https://usn.ubuntu.com/4573-1/
reference_id USN-4573-1
reference_type
scores
url https://usn.ubuntu.com/4573-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14404
risk_score 2.5
exploitability 0.5
weighted_severity 4.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uw43-p37a-syec
9
url VCID-vdnw-c2k8-pfdy
vulnerability_id VCID-vdnw-c2k8-pfdy
summary An issue was discovered in LibVNCServer before 0.9.13. libvncclient/rfbproto.c does not limit TextChat size.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14405.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14405
reference_id
reference_type
scores
0
value 0.01401
scoring_system epss
scoring_elements 0.80763
published_at 2026-06-04T12:55:00Z
1
value 0.01401
scoring_system epss
scoring_elements 0.80791
published_at 2026-06-05T12:55:00Z
2
value 0.01401
scoring_system epss
scoring_elements 0.80786
published_at 2026-06-08T12:55:00Z
3
value 0.01401
scoring_system epss
scoring_elements 0.80792
published_at 2026-06-06T12:55:00Z
4
value 0.01401
scoring_system epss
scoring_elements 0.80789
published_at 2026-06-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14405
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14405
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860325
reference_id 1860325
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860325
5
reference_url https://access.redhat.com/errata/RHSA-2021:1811
reference_id RHSA-2021:1811
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:1811
6
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14405
risk_score 3.0
exploitability 0.5
weighted_severity 5.9
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vdnw-c2k8-pfdy
10
url VCID-yzge-5eyr-3kc8
vulnerability_id VCID-yzge-5eyr-3kc8
summary An issue was discovered in LibVNCServer before 0.9.13. Byte-aligned data is accessed through uint16_t pointers in libvncserver/translate.c. NOTE: Third parties do not consider this to be a vulnerability as there is no known path of exploitation or cross of a trust boundary
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2020-14400.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14400
reference_id
reference_type
scores
0
value 0.02462
scoring_system epss
scoring_elements 0.85524
published_at 2026-06-04T12:55:00Z
1
value 0.02462
scoring_system epss
scoring_elements 0.85547
published_at 2026-06-07T12:55:00Z
2
value 0.02462
scoring_system epss
scoring_elements 0.85552
published_at 2026-06-06T12:55:00Z
3
value 0.02462
scoring_system epss
scoring_elements 0.85532
published_at 2026-06-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14400
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14400
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1860361
reference_id 1860361
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1860361
5
reference_url https://usn.ubuntu.com/4434-1/
reference_id USN-4434-1
reference_type
scores
url https://usn.ubuntu.com/4434-1/
fixed_packages
0
url pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
purl pkg:apk/alpine/libvncserver@0.9.13-r0?arch=armv7&distroversion=v3.22&reponame=community
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community
aliases CVE-2020-14400
risk_score 1.1
exploitability 0.5
weighted_severity 2.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yzge-5eyr-3kc8
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:apk/alpine/libvncserver@0.9.13-r0%3Farch=armv7&distroversion=v3.22&reponame=community