2 matches found
SUSE CVE-2022-41877
FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing input length validation in drive channel. A malicious server can trick a FreeRDP based client to read out of bound data and send it back to the server. This issue has been addressed in version...
Improper Input Validation
Overview Affected versions of this package are vulnerable to Improper Input Validation. When specifying a trusted server CA certificate via the servercacert setting, the Ruby agent will not properly verify the certificate returned by the APM server. Remediation Upgrade elastic-apm to version 2.9....