VYPR
Unrated severityNVD Advisory· Published Apr 22, 2024· Updated Nov 3, 2025

FreeRDP Out-Of-Bounds Read in interleaved_decompress

CVE-2024-32460

Description

FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using /bpp:32 legacy GDI drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use modern drawing paths (e.g. /rfx or /gfx options). The workaround requires server side support.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

11

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.