Gentoo FoundationMGASA-2020-0042Updated tigervnc packages fix security vulnerabilities
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
79.3%
Updated tigervnc packages fix security vulnerabilities: The tigervnc package has been updated to version 1.10.1 to fix multiple unspecified security issues. These issues affect both the client and server and could theoretically allow an malicious peer to take control over the software on the other side. No working exploit is known at this time, and the issues require the peer to first be authenticated (CVE-2019-15691, CVE-2019-15692, CVE-2019-15693, CVE-2019-15694, CVE-2019-15695).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 7 | noarch | tigervnc | < 1.10.1-1 | tigervnc-1.10.1-1.mga7 |
Related
6.5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:P/I:P/A:P
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.006 Low
EPSS
Percentile
79.3%