VDB

CVE-2018-20021

CVE-2018-20021 PUBLISHED

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code. Vulnerability allows attacker to consume excessive amount of resources like CPU and RAM

EPSS 2.55% · 85.8th percentile

Risk Scores

EPSS Score
2.55%
85.8th percentile

Affected Products

VendorProductVersions
Ubuntu:14.04:LTSlibvncserver0.9.9+dfsg-1ubuntu1.1, 0.9.9+dfsg-1, 0.9.9+dfsg-1ubuntu1
Ubuntu:18.04:LTSssvnc0, 1.0.29-3build1, 1.0.29-3
Ubuntu:Pro:14.04:LTStightvnc1.3.9-6.4, 1.3.9-6.4ubuntu1, 0
Ubuntu:16.04:LTStightvnc1.3.10-0ubuntu3, 0, 1.3.10-0ubuntu2
Ubuntu:24.04:LTStightvnc1:1.3.10-7build1, 1:1.3.10-7, 0
Ubuntu:16.04:LTSlibvncserver0.9.10+dfsg-3ubuntu0.16.04.2, 0, 0.9.10+dfsg-3
Ubuntu:16.04:LTSitalc0, 1:2.0.2+dfsg1-3, 1:2.0.2+dfsg1-4
Ubuntu:18.04:LTSlibvncserver0, *, 0.9.11+dfsg-1
Ubuntu:25.10tightvnc1:1.3.10-9, 1:1.3.10-10, 0
Ubuntu:20.04:LTStightvnc1.3.10-0ubuntu5, 0
Ubuntu:18.04:LTStightvnc0, 1.3.10-0ubuntu4, 1.3.10-0ubuntu3
Ubuntu:18.04:LTSitalc1:3.0.3+dfsg1-1, 0, 1:3.0.3+dfsg1-3
Ubuntu:16.04:LTSssvnc0, 1.0.29-2build1
Ubuntu:22.04:LTStightvnc1:1.3.10-3, 0, *

Timeline

  • Dec 19, 2018 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • May 2, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 5, 2022 EPSS Score
  • Nov 6, 2022 EPSS Score
  • Jan 8, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›