Total vulnerabilities in the database
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. This issue affects Clients only. Integer underflow leading to DOS (e.g. abort due to WINPR_ASSERT with default compilation flags). When an insufficient blockLen is provided, and proper length validation is not performed, an Integer Underflow occurs, leading to a Denial of Service (DOS) vulnerability. This issue has been addressed in versions 2.11.0 and 3.0.0-beta3. Users are advised to upgrade. There are no known workarounds for this vulnerability.
| Software | From | Fixed in |
|---|---|---|
| freerdp / freerdp | 3.0.0-beta1 | 3.0.0-beta1.x |
| freerdp / freerdp | 3.0.0-beta2 | 3.0.0-beta2.x |
| freerdp / freerdp | - | 2.11.0 |
| debian / debian_linux | 10.0 | 10.0.x |
| fedoraproject / fedora | 37 | 37.x |
| fedoraproject / fedora | 38 | 38.x |
| fedoraproject / fedora | 39 | 39.x |