rpm package
opensuse/xrdp&distro=openSUSE Leap 15.4
pkg:rpm/opensuse/xrdp&distro=openSUSE%20Leap%2015.4
Vulnerabilities (12)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-42822 | — | < 0.9.13.1-150200.4.27.1 | 0.9.13.1-150200.4.27.1 | Sep 27, 2023 | xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of- | ||
| CVE-2023-40184 | — | < 0.9.13.1-150200.4.24.1 | 0.9.13.1-150200.4.24.1 | Aug 30, 2023 | xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may | ||
| CVE-2022-23477 | — | < 0.9.13.1-150200.4.18.1 | 0.9.13.1-150200.4.18.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade. | ||
| CVE-2022-23484 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users | ||
| CVE-2022-23483 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised to | ||
| CVE-2022-23482 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are a | ||
| CVE-2022-23481 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. Users are ad | ||
| CVE-2022-23480 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. User | ||
| CVE-2022-23479 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgr | ||
| CVE-2022-23478 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. U | ||
| CVE-2022-23468 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upg | ||
| CVE-2022-23493 | — | < 0.9.13.1-150200.4.15.1 | 0.9.13.1-150200.4.15.1 | Dec 9, 2022 | xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. U |
- CVE-2023-42822Sep 27, 2023affected < 0.9.13.1-150200.4.27.1fixed 0.9.13.1-150200.4.27.1
xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-
- CVE-2023-40184Aug 30, 2023affected < 0.9.13.1-150200.4.24.1fixed 0.9.13.1-150200.4.24.1
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may
- CVE-2022-23477Dec 9, 2022affected < 0.9.13.1-150200.4.18.1fixed 0.9.13.1-150200.4.18.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in audin_send_open() function. There are no known workarounds for this issue. Users are advised to upgrade.
- CVE-2022-23484Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users
- CVE-2022-23483Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in libxrdp_send_to_channel() function. There are no known workarounds for this issue. Users are advised to
- CVE-2022-23482Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are a
- CVE-2022-23481Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. Users are ad
- CVE-2022-23480Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. User
- CVE-2022-23479Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgr
- CVE-2022-23478Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. U
- CVE-2022-23468Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upg
- CVE-2022-23493Dec 9, 2022affected < 0.9.13.1-150200.4.15.1fixed 0.9.13.1-150200.4.15.1
xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_mm_trans_process_drdynvc_channel_close() function. There are no known workarounds for this issue. U