{"affected":[{"ecosystem_specific":{"binaries":[{"libvncserver0":"0.9.10-4.14.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP1","name":"LibVNCServer","purl":"pkg:rpm/suse/LibVNCServer&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.9.10-4.14.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for LibVNCServer fixes the following issues:\n\n- CVE-2019-15690: Fixed a heap buffer overflow (bsc#1160471).\n- CVE-2019-15681: Fixed a memory leak which could have allowed to a remote attacker to read stack memory (bsc#1155419).\n- CVE-2019-20788: Fixed a integer overflow and heap-based buffer overflow via a large height or width value (bsc#1170441).\n","id":"SUSE-SU-2020:1164-2","modified":"2020-07-07T11:43:24Z","published":"2020-07-07T11:43:24Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20201164-2/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1155419"},{"type":"REPORT","url":"https://bugzilla.suse.com/1160471"},{"type":"REPORT","url":"https://bugzilla.suse.com/1170441"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15681"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-15690"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-20788"}],"related":["CVE-2019-15681","CVE-2019-15690","CVE-2019-20788"],"summary":"Security update for LibVNCServer","upstream":["CVE-2019-15681","CVE-2019-15690","CVE-2019-20788"]}