CVE-2020-14396

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2020-14396

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-14396.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-14396

Downstream

DEBIAN-CVE-2020-14396

UBUNTU-CVE-2020-14396

USN-4434-1

Published

2020-06-17T16:15:11Z

Modified

2025-10-21T05:32:38.630541Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.

References

Affected packages

Git / github.com/libvnc/libvncserver

Affected ranges

Type: GIT
Repo: https://github.com/libvnc/libvncserver
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

33441d90a506d5f3ae9388f2752901227e430553

Affected versions

LibVNCServer-0.*

LibVNCServer-0.9.10

LibVNCServer-0.9.11

LibVNCServer-0.9.12

LibVNCServer-0.9.8

LibVNCServer-0.9.9

Other

X11VNC_0_9_10

X11VNC_0_9_11

X11VNC_0_9_12

X11VNC_0_9_7

X11VNC_0_9_8

X11VNC_0_9_9

X11VNC_REL_0_9_4

X11VNC_REL_0_9_5

X11VNC_REL_0_9_6

Database specific

vanir_signatures

[
    {
        "deprecated": false,
        "source": "https://github.com/libvnc/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553",
        "digest": {
            "function_hash": "289870025509888091998254113739023981642",
            "length": 2497.0
        },
        "target": {
            "function": "open_ssl_connection",
            "file": "libvncclient/tls_openssl.c"
        },
        "id": "CVE-2020-14396-a63a5cc6",
        "signature_version": "v1",
        "signature_type": "Function"
    },
    {
        "deprecated": false,
        "source": "https://github.com/libvnc/libvncserver/commit/33441d90a506d5f3ae9388f2752901227e430553",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "80226186285922043742937663968878156146",
                "23982019333981318047145580796055385006",
                "78556645990089934348837580570819060018",
                "129536370082382921633149900127119405369",
                "179482101782982562967665731851017857863",
                "57481811473761647249782608015147496236",
                "170469348421599386093090533339237144854",
                "132784373091711427979626134283971151697"
            ]
        },
        "target": {
            "file": "libvncclient/tls_openssl.c"
        },
        "id": "CVE-2020-14396-c848c6fe",
        "signature_version": "v1",
        "signature_type": "Line"
    }
]