Lucene search
Veracode Vulnerability DatabaseVERACODE:38600HistoryDec 24, 2022 - 1:56 p.m.
Out Of Bound Read
2022-12-2413:56:03
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
23
xrdp
out of bound read
vulnerability
xrdp_caps_process_confirm_active
application crash
sensitive information
0.002 Low
EPSS
Percentile
56.4%
xrdp is vulnerable to Out of Bound Reads. The vulnerability exists due to the out of bound read in the xrdp_caps_process_confirm_active() function of the library, allowing an attacker to cause an application crash or access sensitive information.
References
github.com/neutrinolabs/xrdp/commit/c77e974080da8267d902f99ca5ab7d22ea02d98c
github.com/neutrinolabs/xrdp/security/advisories/GHSA-hm75-9jcg-p7hq
github.com/neutrinolabs/xrdp/security/advisories/GHSA-hm75-9jcg-p7hq
secdb.alpinelinux.org/edge/community.yaml
secdb.alpinelinux.org/v3.17/community.yaml
www.debian.org/security/2023/dsa-5502
Related
osv
osv
CVE-2022-23481
2022-12-09 18:15:16
xrdp - security update
2023-03-31 00:00:00
xrdp - security update
2023-09-18 00:00:00
nvd
nvd
CVE-2022-23481
2022-12-09 18:15:16
alpinelinux
alpinelinux
CVE-2022-23481
2022-12-09 18:15:16
ubuntucve
ubuntucve
CVE-2022-23481
2022-12-09 00:00:00
debiancve
debiancve
CVE-2022-23481
2022-12-09 18:15:16
cvelist
cvelist
CVE-2022-23481 Out-of-Bound Read in xrdp
2022-12-09 17:50:24
cve
cve
CVE-2022-23481
2022-12-09 18:15:16
prion
prion
Design/Logic Flaw
2022-12-09 18:15:00
nessus
nessus
Debian DLA-3375-1 : xrdp - LTS security update
2023-03-31 00:00:00
SUSE SLES12 Security Update : xrdp (SUSE-SU-2023:0387-1)
2023-02-15 00:00:00
SUSE SLES12 Security Update : xrdp (SUSE-SU-2023:0340-1)
2023-02-14 00:00:00
debian
debian
[SECURITY] [DLA 3375-1] xrdp security update
2023-03-31 14:34:21
[SECURITY] [DSA 5502-1] xrdp security update
2023-09-18 21:42:53
openvas
openvas
Debian: Security Advisory (DLA-3375-1)
2023-04-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0012-1)
2023-01-03 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:0033-1)
2023-01-06 00:00:00
mageia
mageia
Updated xrdp packages fix security vulnerability
2023-01-13 20:37:09
altlinux
altlinux
Security fix for the ALT Linux 10 package xrdp version 0.9.21-alt1
2022-12-21 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: xrdp-0.9.21-1.fc37
2022-12-21 01:28:50
[SECURITY] Fedora 36 Update: xrdp-0.9.21-1.fc36
2022-12-21 01:18:14
freebsd
freebsd
xrdp -- multiple vulnerabilities
2022-12-01 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2249
2023-10-21 13:15:43
redos
redos
ROS-20221222-01
2022-12-22 00:00:00
ubuntu
ubuntu
xrdp vulnerabilities
2023-11-08 00:00:00