Количество 7
Количество 7
CVE-2026-23531
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.
CVE-2026-23531
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue.
CVE-2026-23531
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ...
BDU:2026-00656
Уязвимость функции clear_decompress() RDP-клиента FreeRDP, позволяющая нарушителю выполнить произвольный код и вызвать отказ в обслуживании
ELSA-2026-2081
ELSA-2026-2081: freerdp security update (IMPORTANT)
ELSA-2026-2048
ELSA-2026-2048: freerdp security update (IMPORTANT)
SUSE-SU-2026:0345-1
Security update for freerdp
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-23531 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue. | CVSS3: 9.8 | 0% Низкий | 20 дней назад |
 | CVE-2026-23531 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.21.0, in ClearCodec, when `glyphData` is present, `clear_decompress` calls `freerdp_image_copy_no_overlap` without validating the destination rectangle, allowing an out-of-bounds read/write via crafted RDPGFX surface updates. A malicious server can trigger a client‑side heap buffer overflow, causing a crash (DoS) and potential heap corruption with code‑execution risk depending on allocator behavior and surrounding heap layout. Version 3.21.0 contains a patch for the issue. | CVSS3: 9.8 | 0% Низкий | 20 дней назад |
| CVE-2026-23531 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior ... | CVSS3: 9.8 | 0% Низкий | 20 дней назад |
 | BDU:2026-00656 Уязвимость функции clear_decompress() RDP-клиента FreeRDP, позволяющая нарушителю выполнить произвольный код и вызвать отказ в обслуживании | CVSS3: 7.5 | 0% Низкий | 21 день назад |
| ELSA-2026-2081 ELSA-2026-2081: freerdp security update (IMPORTANT) | 4 дня назад | ||
| ELSA-2026-2048 ELSA-2026-2048: freerdp security update (IMPORTANT) | 4 дня назад | ||
 | SUSE-SU-2026:0345-1 Security update for freerdp | 10 дней назад |
Уязвимостей на страницу