In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "tigervnc-common", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-common-dbgsym", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-scraping-server", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-scraping-server-dbgsym", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-standalone-server", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-standalone-server-dbgsym", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-viewer", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-viewer-dbgsym", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-xorg-extension", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" }, { "binary_name": "tigervnc-xorg-extension-dbgsym", "binary_version": "1.10.1+dfsg-3ubuntu0.20.04.1+esm1" } ], "ubuntu_priority": "medium" }