rpm package
opensuse/xrdp&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/xrdp&distro=openSUSE%20Leap%2015.5
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-42822 | — | < 0.9.13.1-150200.4.27.1 | 0.9.13.1-150200.4.27.1 | Sep 27, 2023 | xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of- | ||
| CVE-2023-40184 | — | < 0.9.13.1-150200.4.24.1 | 0.9.13.1-150200.4.24.1 | Aug 30, 2023 | xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may |
- CVE-2023-42822Sep 27, 2023affected < 0.9.13.1-150200.4.27.1fixed 0.9.13.1-150200.4.27.1
xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-
- CVE-2023-40184Aug 30, 2023affected < 0.9.13.1-150200.4.24.1fixed 0.9.13.1-150200.4.24.1
xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may