4 matches found
Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1822)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1822 advisory. FreeRDP before 3.26.0 contains a heap-buffer-overflow vulnerability in gdiCacheToSurface that allows remote attackers to write out-of-bounds heap memory. The vulnerability occurs because...
TencentOS Server 4: freerdp (TSSA-2026:0435)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0435 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
freerdp-3.26.0-3.1 on GA media (moderate)
freerdp-3.26.0-3.1 on GA media Announcement ID: openSUSE-SU-2026:10948-1 Rating: moderate Cross-References: CVE-2026-40033 CVE-2026-44420 CVE-2026-44421 CVE-2026-44422 CVE-2026-45700 CVSS scores: CVE-2026-40033 SUSE : 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2026-40033 SUSE : 9.2...
SUSE CVE-2026-44420
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard cliprdr channel by sending a CBCLIPCAPS PDU with a too-small capabilitySetLength. This can crash the server process...