Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
osvGoogleOSV:ALSA-2021:1849
HistoryMay 18, 2021 - 6:14 a.m.

Moderate: freerdp security, bug fix, and enhancement update

2021-05-1806:14:36
Google
osv.dev
9
freerdp
remote desktop protocol
security fix
bug fix
enhancement
apache license
rdp servers
microsoft windows
xrdp
virtualbox
cve-2020-4030
cve-2020-11095
cve-2020-11097
cve-2020-11099
cve-2020-15103
cve-2020-4033
cve-2020-11096
cve-2020-11098
almalinux release notes

AI Score

6.9

Confidence

High

EPSS

0.004

Percentile

72.3%

JSON

FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.

The following packages have been upgraded to a later upstream version: freerdp (2.2.0). (BZ#1881971)

Security Fix(es):

  • freerdp: out of bounds read in TrioParse (CVE-2020-4030)

  • freerdp: out of bound reads resulting in accessing memory location outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11095)

  • freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11097)

  • freerdp: out of bounds read in license_read_new_or_upgrade_license_packet (CVE-2020-11099)

  • freerdp: integer overflow due to missing input sanitation in rdpegfx channel (CVE-2020-15103)

  • freerdp: out-of-bounds read in RLEDECOMPRESS (CVE-2020-4033)

  • freerdp: out-of-bound read in update_read_cache_bitmap_v3_order (CVE-2020-11096)

  • freerdp: out-of-bound read in glyph_cache_put (CVE-2020-11098)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

Related

nessus 25
osv 11
oraclelinux 1
rocky 1
almalinux 1
redhat 1
openvas 20
ubuntu 1
fedora 2
altlinux 2
archlinux 1
alpinelinux 8
cvelist 8
nvd 8
veracode 8
ubuntucve 8
debiancve 8
cve 8
redhatcve 8
prion 8
suse 2
freebsd 1
mageia 2
debian 1
nessus
nessus
CentOS 8 : freerdp (CESA-2021:1849)
2021-05-19 00:00:00
NewStart CGSL MAIN 6.02 : freerdp Multiple Vulnerabilities (NS-SA-2022-0063)
2022-05-09 00:00:00
AlmaLinux 8 : freerdp (ALSA-2021:1849)
2022-02-09 00:00:00
osv
osv
Moderate: freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
CVE-2020-11096
2020-06-22 22:15:12
CVE-2020-15103
2020-07-27 18:15:13
oraclelinux
oraclelinux
freerdp security, bug fix, and enhancement update
2021-05-25 00:00:00
rocky
rocky
freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
almalinux
almalinux
Moderate: freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
redhat
redhat
(RHSA-2021:1849) Moderate: freerdp security, bug fix, and enhancement update
2021-05-18 06:14:36
openvas
openvas
Fedora: Security Advisory for freerdp (FEDORA-2020-8d5f86e29a)
2020-07-31 00:00:00
Fedora: Security Advisory for freerdp (FEDORA-2020-a3432485db)
2020-08-02 00:00:00
Ubuntu: Security Advisory (USN-4481-1)
2020-09-02 00:00:00
ubuntu
ubuntu
FreeRDP vulnerabilities
2020-09-01 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: freerdp-2.2.0-1.fc32
2020-07-30 17:54:06
[SECURITY] Fedora 31 Update: freerdp-2.2.0-1.fc31
2020-08-01 01:18:39
altlinux
altlinux
Security fix for the ALT Linux 9 package freerdp version 2.1.2-alt1
2020-06-25 00:00:00
Security fix for the ALT Linux 9 package freerdp version 2.2.0-alt1
2020-07-23 00:00:00
archlinux
archlinux
[ASA-202006-15] freerdp: multiple issues
2020-06-28 00:00:00
alpinelinux
alpinelinux
CVE-2020-11095
2020-06-22 22:15:11
CVE-2020-11096
2020-06-22 22:15:12
CVE-2020-11097
2020-06-22 22:15:12
cvelist
cvelist
CVE-2020-11095 Global OOB read in update_recv_primary_order in FreeRDP
2020-06-22 00:00:00
CVE-2020-15103 Integer Overflow in FreeRDP
2020-07-27 00:00:00
CVE-2020-11097 OOB read in ntlm_av_pair_get in FreeRDP
2020-06-22 00:00:00
nvd
nvd
CVE-2020-11095
2020-06-22 22:15:11
CVE-2020-11096
2020-06-22 22:15:12
CVE-2020-15103
2020-07-27 18:15:13
veracode
veracode
Out Of Bounds Read
2020-08-06 21:36:53
Integer Overflow
2020-08-06 21:33:42
Denial Of Service (DoS)
2020-08-06 21:36:50
ubuntucve
ubuntucve
CVE-2020-11096
2020-06-22 00:00:00
CVE-2020-11097
2020-06-22 00:00:00
CVE-2020-15103
2020-07-27 00:00:00
debiancve
debiancve
CVE-2020-11096
2020-06-22 22:15:12
CVE-2020-11099
2020-06-22 22:15:12
CVE-2020-11097
2020-06-22 22:15:12
cve
cve
CVE-2020-11095
2020-06-22 22:15:11
CVE-2020-11097
2020-06-22 22:15:12
CVE-2020-15103
2020-07-27 18:15:13
redhatcve
redhatcve
CVE-2020-15103
2020-07-20 18:37:36
CVE-2020-11098
2020-07-08 11:20:45
CVE-2020-11095
2020-07-08 11:20:44
prion
prion
Design/Logic Flaw
2020-06-22 22:15:00
Design/Logic Flaw
2020-06-22 22:15:00
Integer overflow
2020-07-27 18:15:00
suse
suse
Security update for freerdp (moderate)
2020-09-04 00:00:00
Security update for freerdp (important)
2020-07-26 00:00:00
freebsd
freebsd
FreeRDP -- Integer overflow in RDPEGFX channel
2020-06-25 00:00:00
mageia
mageia
Updated freerdp packages fix security vulnerability
2020-08-18 23:43:16
Updated freerdp/remmina packages fix security vulnerability
2020-08-01 02:25:42
debian
debian
[SECURITY] [DLA 3606-1] freerdp2 security update
2023-10-07 18:09:17

AI Score

6.9

Confidence

High

EPSS

0.004

Percentile

72.3%

JSON
Related for OSV:ALSA-2021:1849
nessus25osv11oraclelinux1rocky1almalinux1redhat1openvas20ubuntu1fedora2altlinux2archlinux1alpinelinux8cvelist8nvd8veracode8ubuntucve8debiancve8cve8redhatcve8prion8suse2freebsd1mageia2debian1