VYPR

rpm package

almalinux/freerdp

pkg:rpm/almalinux/freerdp

Vulnerabilities (65)

  • CVE-2022-39316Nov 16, 2022
    affected < 2:2.4.1-5.el9fixed 2:2.4.1-5.el9

    FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash.

  • CVE-2022-39283Oct 12, 2022
    affected < 2:2.4.1-5.el9fixed 2:2.4.1-5.el9

    FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue h

  • CVE-2022-39282Oct 12, 2022
    affected < 2:2.4.1-5.el9fixed 2:2.4.1-5.el9

    FreeRDP is a free remote desktop protocol library and clients. FreeRDP based clients on unix systems using `/parallel` command line switch might read uninitialized data and send it to the server the client is currently connected to. FreeRDP based server implementations are not af

  • CVE-2021-41160Oct 21, 2021
    affected < 2:2.2.0-7.el8_5fixed 2:2.2.0-7.el8_5

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a malicious server might trigger out of bound writes in a connected client. Connections using GDI or SurfaceCommands to send graphics updates to the clie

  • CVE-2021-41159Oct 21, 2021
    affected < 2:2.2.0-7.el8_5fixed 2:2.2.0-7.el8_5

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. All FreeRDP clients prior to version 2.4.1 using gateway connections (`/gt:rpc`) fail to validate input data. A malicious gateway might allow client memory to be written out

Page 4 of 4