CRITICAL9.8CVE-2017-12194A flaw was found in the way spice-client processed certain messages sent from the server. from 0, < 0.35-1
HIGH8.8CVE-2018-10893Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. from 0, < 0.37-1
from 0, < 0.25-1+deb8u1
HIGH8.8spice - security update
from 0, < 0.35-1
MEDIUM6.6spice - security update
from 0, < 0.33-3.3+deb9u2
MEDIUM6.6spice - security update
from 0, < 0.39-1
MEDIUM6.5The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.
from 0
—spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which al…
from 0, < 0.21-0nocelt1
—libgio, when used in setuid or other privileged programs in spice-gtk and possibly other products, allows local users to gain privileges an…
from 0, < 0.12-5