CVE-2018-20024 — NULL Pointer Dereference in Project Libvncserver
Severity
7.5HIGHNVD
EPSS
3.7%
top 11.99%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedDec 19
Latest updateMay 13
Description
LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages2 packages
Also affects: Debian Linux 8.0, 9.0, Ubuntu Linux 14.04, 16.04, 18.04, 18.10
🔴Vulnerability Details
4GHSA▶
GHSA-4834-x9v4-h8m7: LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS↗2022-05-13
CVEList▶
CVE-2018-20024: LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS↗2018-12-19
OSV▶
CVE-2018-20024: LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS↗2018-12-19
📋Vendor Advisories
6💬Community
3Bugzilla▶
CVE-2018-20024 libvncserver: NULL pointer dereference in VNC client code allows for denial of service [fedora-all]↗2018-12-20
Bugzilla▶
CVE-2018-20024 libvncserver: NULL pointer dereference in VNC client code allows for denial of service↗2018-12-20
Bugzilla▶
CVE-2018-20024 libvncserver: NULL pointer dereference in VNC client code allows for denial of service [epel-7]↗2018-12-20