OESA-2022-2090
- Source
- https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2022-2090
- Import Source
- https://repo.openeuler.org/security/data/osv/OESA-2022-2090.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/OESA-2022-2090
- Upstream
- Published
- 2022-11-11T11:04:36Z
- Modified
- 2025-08-12T05:06:21.503021Z
- Summary
- libvncserver security update
- Details
-
libvncserver is a set of programs using the RFB (Remote Frame Buffer) protocol. They are designed to "export" a frame buffer via net: you set up a server and can connect to it via VNC viewers. If the server supports WebSockets (which LibVNCServer does), you can also connect using an in-browser VNC viewer like noVNC. It is already in wide use for administration, but it is not that easy to program a server yourself.
Security Fix(es):
libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup().(CVE-2020-29260)
- Database specific
{ "severity": "High" }- References
Affected packages
openEuler:22.03-LTS / libvncserver
Package
- Name
- libvncserver
- Purl
- pkg:rpm/openEuler/libvncserver&distro=openEuler-22.03-LTS
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed0.9.13-3.oe2203
Ecosystem specific
{
"src": [
"libvncserver-0.9.13-3.oe2203.src.rpm"
],
"aarch64": [
"libvncserver-debuginfo-0.9.13-3.oe2203.aarch64.rpm",
"libvncserver-devel-0.9.13-3.oe2203.aarch64.rpm",
"libvncserver-0.9.13-3.oe2203.aarch64.rpm",
"libvncserver-debugsource-0.9.13-3.oe2203.aarch64.rpm"
],
"x86_64": [
"libvncserver-debugsource-0.9.13-3.oe2203.x86_64.rpm",
"libvncserver-devel-0.9.13-3.oe2203.x86_64.rpm",
"libvncserver-0.9.13-3.oe2203.x86_64.rpm",
"libvncserver-debuginfo-0.9.13-3.oe2203.x86_64.rpm"
]
}