FreeRDP is a free remote desktop protocol library and clients. All FreeRDP based clients when using the `/video` command line switch might read uninitialized data, decode it as audio/video and display the result. FreeRDP based server implementations are not affected. This issue has been patched in version 2.8.1. If you cannot upgrade do not use the `/video` switch.
References
Configurations
History
21 Nov 2024, 07:17
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.9 |
References | () https://github.com/FreeRDP/FreeRDP/releases/tag/2.8.1 - Release Notes, Third Party Advisory | |
References | () https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-6cf9-3328-qrvh - Third Party Advisory | |
References | () https://lists.debian.org/debian-lts-announce/2023/11/msg00010.html - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HEWWYMGWIMD4RDCOGHWMZXUMBGZHC5NW/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RLZCF7YHNC5BECDPEJNAZUYGNNM7NFME/ - | |
References | () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UDOTAOJBCZKREZJPT6VZ25GESI5T6RBG/ - | |
References | () https://security.gentoo.org/glsa/202210-24 - Third Party Advisory |
17 Nov 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Nov 2023, 03:50
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
27 Jun 2023, 18:44
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-908 |
Information
Published : 2022-10-12 23:15
Updated : 2024-11-21 07:17
NVD link : CVE-2022-39283
Mitre link : CVE-2022-39283
CVE.ORG link : CVE-2022-39283
JSON object : View
Products Affected
fedoraproject
- fedora
freerdp
- freerdp