{"affected":[{"ecosystem_specific":{"binaries":[{"libvncclient0":"0.9.10-4.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Workstation Extension 15 SP1","name":"LibVNCServer","purl":"pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.9.10-4.14.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for LibVNCServer fixes the following issues:\n\n- CVE-2019-15690: Fixed a heap buffer overflow (bsc#1160471).\n- CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory (bsc#1155419).\n- CVE-2019-20788: Fixed a integer overflow and heap-based buffer overflow via a large height or width value (bsc#1170441).\n","id":"SUSE-SU-2020:1164-1","modified":"2020-05-04T09:28:50Z","published":"2020-05-04T09:28:50Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20201164-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1155419"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160471"},{"type":"REPORT","url":"https://bugzilla.suse.com/1170441"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15681"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15690"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-20788"}],"related":["CVE-2019-15681","CVE-2019-15690","CVE-2019-20788"],"summary":"Security update for LibVNCServer","upstream":["CVE-2019-15681","CVE-2019-15690","CVE-2019-20788"]}