VYPR

rpm package

suse/freerdp&distro=SUSE Linux Enterprise Workstation Extension 15 SP5

pkg:rpm/suse/freerdp&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2015%20SP5

Vulnerabilities (26)

  • CVE-2024-32661Apr 23, 2024
    affected < 2.4.0-150400.3.32.1fixed 2.4.0-150400.3.32.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to a possible `NULL` access and crash. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

  • CVE-2024-32660Apr 23, 2024
    affected < 2.4.0-150400.3.32.1fixed 2.4.0-150400.3.32.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.5.1, a malicious server can crash the FreeRDP client by sending invalid huge allocation size. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

  • CVE-2024-32659Apr 23, 2024
    affected < 2.4.0-150400.3.32.1fixed 2.4.0-150400.3.32.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read if `((nWidth == 0) and (nHeight == 0))`. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

  • CVE-2024-32658Apr 23, 2024
    affected < 2.4.0-150400.3.32.1fixed 2.4.0-150400.3.32.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients prior to version 3.5.1 are vulnerable to out-of-bounds read. Version 3.5.1 contains a patch for the issue. No known workarounds are available.

  • CVE-2024-32460Apr 22, 2024
    affected < 2.4.0-150400.3.29.1fixed 2.4.0-150400.3.29.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workarou

  • CVE-2024-32459Apr 22, 2024
    affected < 2.4.0-150400.3.29.1fixed 2.4.0-150400.3.29.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. No known workarounds are available.

  • CVE-2024-32458Apr 22, 2024
    affected < 2.4.0-150400.3.29.1fixed 2.4.0-150400.3.29.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, use `/gfx` or `/rfx` modes (on by defaul

  • CVE-2024-32041Apr 22, 2024
    affected < 2.4.0-150400.3.29.1fixed 2.4.0-150400.3.29.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-of-bounds read. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, deactivate `/gfx` (on by default, set `/

  • CVE-2024-32040Apr 22, 2024
    affected < 2.4.0-150400.3.29.1fixed 2.4.0-150400.3.29.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients that use a version of FreeRDP prior to 3.5.0 or 2.11.6 and have connections to servers using the `NSC` codec are vulnerable to integer underflow. Versions 3.5.0 and 2.11.6 patch the issue. As a

  • CVE-2024-32039Apr 22, 2024
    affected < 2.4.0-150400.3.29.1fixed 2.4.0-150400.3.29.1

    FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients using a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to integer overflow and out-of-bounds write. Versions 3.5.0 and 2.11.6 patch the issue. As a workaround, do not use `/gfx` opt

  • CVE-2024-22211Jan 19, 2024
    affected < 2.4.0-150400.3.26.1fixed 2.4.0-150400.3.26.1

    FreeRDP is a set of free and open source remote desktop protocol library and clients. In affected versions an integer overflow in `freerdp_bitmap_planar_context_reset` leads to heap-buffer overflow. This affects FreeRDP based clients. FreeRDP based server implementations and prox

  • CVE-2023-40567Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `clear_decompress_bands_data` function in which there is no offset validation. Abuse of this vulnerability may

  • CVE-2023-40569Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `progressive_decompress` function. This issue is likely down to incorrect calculations of the `nXSrc` and `nYSr

  • CVE-2023-40574Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Write in the `writePixelBGRX` function. This issue is likely down to incorrect calculations of the `nHeight` and `srcStep` v

  • CVE-2023-40576Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `RleDecompress` function. This Out-Of-Bounds Read occurs because FreeRDP processes the `pbSrcBuffer` variable wi

  • CVE-2023-40575Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_YUV444ToRGB_8u_P3AC4R_BGRX` function. This issue is likely down to insufficient data for the `pSrc` var

  • CVE-2023-40188Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Out-Of-Bounds Read in the `general_LumaToYUV444` function. This Out-Of-Bounds Read occurs because processing is done on the `in` variable

  • CVE-2023-40186Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an IntegerOverflow leading to Out-Of-Bound Write Vulnerability in the `gdi_CreateSurface` function. This issue affects FreeRDP based clients

  • CVE-2023-40181Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. Affected versions are subject to an Integer-Underflow leading to Out-Of-Bound Read in the `zgfx_decompress_segment` function. In the context of `CopyMemory`, it's possible to

  • CVE-2023-39356Aug 31, 2023
    affected < 2.4.0-150400.3.23.1fixed 2.4.0-150400.3.23.1

    FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. In affected versions a missing offset validation may lead to an Out Of Bound Read in the function `gdi_multi_opaque_rect`. In particular there is no code to validate if the v

Page 1 of 2