An issue was discovered in LibVNCServer before 0.9.13. libvncserver/corre.c allows out-of-bounds access via encodings.
[
    {
        "id": "CVE-2020-14402-2881c67e",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "279186788467601084510397377312630471501",
                "136564391502689261425817146893094173910",
                "112617782039554860452708764507028252043",
                "128154823961943837977491631399247931438"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "libvncserver/hextile.c"
        },
        "source": "https://github.com/libvnc/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff"
    },
    {
        "id": "CVE-2020-14402-42bbc5e2",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "289252992523367327632354621665320742352",
                "36512170735046696879154038989677648515",
                "277157400668572645645471330322775066349",
                "64330010330190451697336720342933185390"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "libvncserver/rre.c"
        },
        "source": "https://github.com/libvnc/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff"
    },
    {
        "id": "CVE-2020-14402-87ba1727",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "37231841470234379109527685760802316726",
            "length": 1779.0
        },
        "target": {
            "file": "libvncserver/hextile.c",
            "function": "bpp"
        },
        "source": "https://github.com/libvnc/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff"
    },
    {
        "id": "CVE-2020-14402-c4129626",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "15063665914612139429731961338670674392",
            "length": 1970.0
        },
        "target": {
            "file": "libvncserver/rre.c",
            "function": "bpp"
        },
        "source": "https://github.com/libvnc/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff"
    },
    {
        "id": "CVE-2020-14402-eff32b91",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Line",
        "digest": {
            "line_hashes": [
                "289252992523367327632354621665320742352",
                "36512170735046696879154038989677648515",
                "277157400668572645645471330322775066349",
                "64330010330190451697336720342933185390"
            ],
            "threshold": 0.9
        },
        "target": {
            "file": "libvncserver/corre.c"
        },
        "source": "https://github.com/libvnc/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff"
    },
    {
        "id": "CVE-2020-14402-f867ff26",
        "deprecated": false,
        "signature_version": "v1",
        "signature_type": "Function",
        "digest": {
            "function_hash": "276190757486447906599022657754585572557",
            "length": 1933.0
        },
        "target": {
            "file": "libvncserver/corre.c",
            "function": "bpp"
        },
        "source": "https://github.com/libvnc/libvncserver/commit/74e8a70f2c9a5248d6718ce443e07c7ed314dfff"
    }
]