VYPR

rpm package

suse/xrdp&distro=SUSE Linux Enterprise Module for Basesystem 15 SP5

pkg:rpm/suse/xrdp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5

Vulnerabilities (2)

  • CVE-2023-42822Sep 27, 2023
    affected < 0.9.13.1-150200.4.27.1fixed 0.9.13.1-150200.4.27.1

    xrdp is an open source remote desktop protocol server. Access to the font glyphs in xrdp_painter.c is not bounds-checked . Since some of this data is controllable by the user, this can result in an out-of-bounds read within the xrdp executable. The vulnerability allows an out-of-

  • CVE-2023-40184Aug 30, 2023
    affected < 0.9.13.1-150200.4.24.1fixed 0.9.13.1-150200.4.24.1

    xrdp is an open source remote desktop protocol (RDP) server. In versions prior to 0.9.23 improper handling of session establishment errors allows bypassing OS-level session restrictions. The `auth_start_session` function can return non-zero (1) value on, e.g., PAM error which may