VYPR

rpm package

suse/freerdp&distro=SUSE Linux Enterprise Workstation Extension 15 SP1

pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP1

Vulnerabilities (34)

  • CVE-2020-11019May 29, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0.

  • CVE-2020-11018May 29, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0.

  • CVE-2020-11017May 29, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0.

  • CVE-2020-13398May 22, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.

  • CVE-2020-13397May 22, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.

  • CVE-2020-13396May 22, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.

  • CVE-2020-11526May 15, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.

  • CVE-2020-11525May 15, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.

  • CVE-2020-11524May 15, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.

  • CVE-2020-11523May 15, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow.

  • CVE-2020-11522May 15, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.

  • CVE-2020-11521May 15, 2020
    affected < 2.1.2-10.15.1fixed 2.1.2-10.15.1

    libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.

  • CVE-2019-17177Oct 4, 2019
    affected < 2.0.0~rc4-10.4.1fixed 2.0.0~rc4-10.4.1

    libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.

  • CVE-2019-17178Oct 4, 2019
    affected < 2.0.0~rc4-10.4.1fixed 2.0.0~rc4-10.4.1

    HuffmanTree_makeFromFrequencies in lodepng.c in LodePNG through 2019-09-28, as used in WinPR in FreeRDP and other products, has a memory leak because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.

Page 2 of 2