Vulnerabilities > Spice Space > Spice Vdagent > 0.20.0

DATE CVE VULNERABILITY TITLE RISK
2020-11-26 CVE-2020-25653 Race Condition vulnerability in multiple products
A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections.
local
high complexity
spice-space debian fedoraproject CWE-362
6.3
6.3
2020-11-26 CVE-2020-25652 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`.
local
low complexity
spice-space debian fedoraproject CWE-770
5.5
5.5
2020-11-26 CVE-2020-25651 Race Condition vulnerability in multiple products
A flaw was found in the SPICE file transfer protocol.
local
high complexity
spice-space debian fedoraproject CWE-362
6.4
6.4
2020-11-25 CVE-2020-25650 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine.
local
low complexity
spice-space debian fedoraproject CWE-770
5.5
5.5