Spice-gtk Project Spice-gtk — known CVE vulnerabilities
Every CVE whose affected-product data names Spice-gtk Project Spice-gtk, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2017-12194 — CVSS 9.8 (critical): A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious…
CVE-2016-3066 — CVSS 6.5 (medium): The spice-gtk widget allows remote authenticated users to obtain information from the host clipboard.
CVE-2013-4324 — CVSS 4.6 (medium): spice-gtk 0.14, and possibly other versions, invokes the polkit authority using the insecure polkit_unix_process_new API function, which…