spice versions though 0.13 are vulnerable to out-of-bounds memory access when processing specially crafted messages from authenticated attacker to the spice server resulting into crash and/or server memory leak.
[
{
"product": "spice",
"vendor": "The SPICE Project",
"versions": [
{
"status": "affected",
"version": "all versions through 0.13"
}
]
}
]