Fluid Attacks Database

Description

In TigerVNC 1.7.1 (SSecurityVeNCrypt.cxx SSecurityVeNCrypt::SSecurityVeNCrypt), an unauthenticated client can cause a small memory leak in the server.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 14	tigervnc	>=0 <1.7.0+dfsg-7	1.7.0+dfsg-7
debian 12	tigervnc	>=0 <1.7.0+dfsg-7	1.7.0+dfsg-7
rpm rhel7	fltk	<0:1.3.4-1.el7	0:1.3.4-1.el7
debian 11	tigervnc	>=0 <1.7.0+dfsg-7	1.7.0+dfsg-7
debian 13	tigervnc	>=0 <1.7.0+dfsg-7	1.7.0+dfsg-7
rpm rhel7	tigervnc	<0:1.8.0-1.el7	0:1.8.0-1.el7
rpm rhel6	tigervnc	-	-

Aliases

1. CVE-2017-73922. NVD-2017-73923. OSV-DEBIAN-2017-73924. OSV-2017-73925. SECURITY-TRACKER-CVE-2017-7392

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.