3 matches found
OPENSUSE-SU-2026:21116-1 Security update for freerdp
This update for freerdp fixes the following issues Update to version 3.26.0: - CVE-2026-33982: heap-buffer-overflow READ vulnerability at 24 bytes before the allocation, in winpralignedoffsetrecalloc bsc1261222. - CVE-2026-33985: FreeRDP: Information disclosure via heap memory out of bounds read...
Amazon Linux 2023 : freerdp, freerdp-devel, freerdp-libs (ALAS2023-2026-1643)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1643 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by- one in the path traversal filter in channels/drive/client/drivefile.c. The containsdotdot...
DEBIAN-CVE-2026-40254
FreeRDP is a free implementation of the Remote Desktop Protocol. Versions prior to 3.25.0 have an off-by-one in the path traversal filter in channels/drive/client/drivefile.c. The containsdotdot function catches ../ and ..\ mid-path but misses .. when it's the last component with no trailing...