An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
Created libvncserver tracking bugs for this issue:
Affects: epel-7 [bug 1860341]
Affects: fedora-all [bug 1860342]
versions of libvncserver and vino that ship with Red Hat Enterprise Linux 6 through 8 (inclusive) are not affected because the vulnerable code was introduced in a later version.
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):