VYPR

rpm package

opensuse/xrdp&distro=openSUSE Leap 15.5

pkg:rpm/opensuse/xrdp&distro=openSUSE%20Leap%2015.5

Vulnerabilities (2)

  • CVE-2023-42822Sep 27, 2023
    affected < 0.9.13.1-150200.4.27.1fixed 0.9.13.1-150200.4.27.1

    xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-

  • CVE-2023-40184Aug 30, 2023
    affected < 0.9.13.1-150200.4.24.1fixed 0.9.13.1-150200.4.24.1

    xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may