Action not permitted
Modal body text goes here.
cve-2020-11095
Vulnerability from cvelistv5
Published
2020-06-22 00:00
Modified
2024-08-04 11:21
Severity ?
EPSS score ?
Summary
Global OOB read in update_recv_primary_order in FreeRDP
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:21:14.625Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.freerdp.com/2020/06/22/2_1_2-released"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2"
},
{
"tags": [
"x_transferred"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049"
},
{
"name": "openSUSE-SU-2020:1090",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html"
},
{
"name": "FEDORA-2020-8d5f86e29a",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/"
},
{
"name": "FEDORA-2020-a3432485db",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/"
},
{
"name": "USN-4481-1",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://usn.ubuntu.com/4481-1/"
},
{
"name": "[debian-lts-announce] 20231007 [SECURITY] [DLA 3606-1] freerdp2 security update",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "FreeRDP",
"vendor": "FreeRDP",
"versions": [
{
"status": "affected",
"version": "\u003c 2.1.2"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-07T20:07:35.073025",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"url": "http://www.freerdp.com/2020/06/22/2_1_2-released"
},
{
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2"
},
{
"url": "https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049"
},
{
"name": "openSUSE-SU-2020:1090",
"tags": [
"vendor-advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html"
},
{
"name": "FEDORA-2020-8d5f86e29a",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/"
},
{
"name": "FEDORA-2020-a3432485db",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/"
},
{
"name": "USN-4481-1",
"tags": [
"vendor-advisory"
],
"url": "https://usn.ubuntu.com/4481-1/"
},
{
"name": "[debian-lts-announce] 20231007 [SECURITY] [DLA 3606-1] freerdp2 security update",
"tags": [
"mailing-list"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"
}
],
"source": {
"advisory": "GHSA-563r-pvh7-4fw2",
"discovery": "UNKNOWN"
},
"title": "Global OOB read in update_recv_primary_order in FreeRDP"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2020-11095",
"datePublished": "2020-06-22T00:00:00",
"dateReserved": "2020-03-30T00:00:00",
"dateUpdated": "2024-08-04T11:21:14.625Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2020-11095\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2020-06-22T22:15:11.913\",\"lastModified\":\"2023-11-07T03:14:29.667\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.\"},{\"lang\":\"es\",\"value\":\"En FreeRDP versiones anteriores a 2.1.2, se producen lecturas fuera de l\u00edmite que resultan en el acceso a una ubicaci\u00f3n de memoria que est\u00e1 fuera de l\u00edmites de la matriz est\u00e1tica de PRIMARY_DRAWING_ORDER_FIELD_BYTES. Esto es corregido en la versi\u00f3n 2.1.2\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.4,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":2.8,\"impactScore\":2.5},{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"LOW\",\"availabilityImpact\":\"NONE\",\"baseScore\":3.5,\"baseSeverity\":\"LOW\"},\"exploitabilityScore\":1.8,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.5},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-125\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.1.2\",\"matchCriteriaId\":\"DDAC8E89-8F23-4799-AA42-AD419455D1F6\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B620311B-34A3-48A6-82DF-6F078D7A4493\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*\",\"matchCriteriaId\":\"B3293E55-5506-4587-A318-D1734F781C09\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"902B8056-9E37-443B-8905-8AA93E2447FB\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"07B237A9-69A3-4A9C-9DA0-4E06BD37AE73\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.freerdp.com/2020/06/22/2_1_2-released\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/\",\"source\":\"security-advisories@github.com\"},{\"url\":\"https://usn.ubuntu.com/4481-1/\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
gsd-2020-11095
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-11095",
"description": "In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.",
"id": "GSD-2020-11095",
"references": [
"https://www.suse.com/security/cve/CVE-2020-11095.html",
"https://access.redhat.com/errata/RHSA-2021:1849",
"https://ubuntu.com/security/CVE-2020-11095",
"https://advisories.mageia.org/CVE-2020-11095.html",
"https://security.archlinux.org/CVE-2020-11095",
"https://linux.oracle.com/cve/CVE-2020-11095.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-11095"
],
"details": "In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.",
"id": "GSD-2020-11095",
"modified": "2023-12-13T01:22:07.445946Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11095",
"STATE": "PUBLIC",
"TITLE": "Global OOB read in update_recv_primary_order in FreeRDP"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "FreeRDP",
"version": {
"version_data": [
{
"version_value": "\u003c 2.1.2"
}
]
}
}
]
},
"vendor_name": "FreeRDP"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2."
}
]
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-125: Out-of-bounds Read"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.freerdp.com/2020/06/22/2_1_2-released",
"refsource": "MISC",
"url": "http://www.freerdp.com/2020/06/22/2_1_2-released"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2",
"refsource": "CONFIRM",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049",
"refsource": "MISC",
"url": "https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049"
},
{
"name": "openSUSE-SU-2020:1090",
"refsource": "SUSE",
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html"
},
{
"name": "FEDORA-2020-8d5f86e29a",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/"
},
{
"name": "FEDORA-2020-a3432485db",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/"
},
{
"name": "USN-4481-1",
"refsource": "UBUNTU",
"url": "https://usn.ubuntu.com/4481-1/"
},
{
"name": "[debian-lts-announce] 20231007 [SECURITY] [DLA 3606-1] freerdp2 security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"
}
]
},
"source": {
"advisory": "GHSA-563r-pvh7-4fw2",
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:freerdp:freerdp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.1.2",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:esm:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security-advisories@github.com",
"ID": "CVE-2020-11095"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FreeRDP/FreeRDP/commit/733ee3208306b1ea32697b356c0215180fc3f049"
},
{
"name": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-563r-pvh7-4fw2"
},
{
"name": "http://www.freerdp.com/2020/06/22/2_1_2-released",
"refsource": "MISC",
"tags": [
"Release Notes",
"Vendor Advisory"
],
"url": "http://www.freerdp.com/2020/06/22/2_1_2-released"
},
{
"name": "openSUSE-SU-2020:1090",
"refsource": "SUSE",
"tags": [
"Third Party Advisory"
],
"url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html"
},
{
"name": "FEDORA-2020-8d5f86e29a",
"refsource": "FEDORA",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6Y35HBHG2INICLSGCIKNAR7GCXEHQACQ/"
},
{
"name": "FEDORA-2020-a3432485db",
"refsource": "FEDORA",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XOZLH35OJWIQLM7FYDXAP2EAUBDXE76V/"
},
{
"name": "USN-4481-1",
"refsource": "UBUNTU",
"tags": [
"Third Party Advisory"
],
"url": "https://usn.ubuntu.com/4481-1/"
},
{
"name": "[debian-lts-announce] 20231007 [SECURITY] [DLA 3606-1] freerdp2 security update",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.5
}
},
"lastModifiedDate": "2023-10-20T19:38Z",
"publishedDate": "2020-06-22T22:15Z"
}
}
}
rhsa-2021_1849
Vulnerability from csaf_redhat
Published
2021-05-18 14:41
Modified
2024-11-05 23:35
Summary
Red Hat Security Advisory: freerdp security, bug fix, and enhancement update
Notes
Topic
An update for freerdp is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.
The following packages have been upgraded to a later upstream version: freerdp (2.2.0). (BZ#1881971)
Security Fix(es):
* freerdp: out of bounds read in TrioParse (CVE-2020-4030)
* freerdp: out of bound reads resulting in accessing memory location outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11095)
* freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11097)
* freerdp: out of bounds read in license_read_new_or_upgrade_license_packet (CVE-2020-11099)
* freerdp: integer overflow due to missing input sanitation in rdpegfx channel (CVE-2020-15103)
* freerdp: out-of-bounds read in RLEDECOMPRESS (CVE-2020-4033)
* freerdp: out-of-bound read in update_read_cache_bitmap_v3_order (CVE-2020-11096)
* freerdp: out-of-bound read in glyph_cache_put (CVE-2020-11098)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for freerdp is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "FreeRDP is a free implementation of the Remote Desktop Protocol (RDP), released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox.\n\nThe following packages have been upgraded to a later upstream version: freerdp (2.2.0). (BZ#1881971)\n\nSecurity Fix(es):\n\n* freerdp: out of bounds read in TrioParse (CVE-2020-4030)\n\n* freerdp: out of bound reads resulting in accessing memory location outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11095)\n\n* freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES (CVE-2020-11097)\n\n* freerdp: out of bounds read in license_read_new_or_upgrade_license_packet (CVE-2020-11099)\n\n* freerdp: integer overflow due to missing input sanitation in rdpegfx channel (CVE-2020-15103)\n\n* freerdp: out-of-bounds read in RLEDECOMPRESS (CVE-2020-4033)\n\n* freerdp: out-of-bound read in update_read_cache_bitmap_v3_order (CVE-2020-11096)\n\n* freerdp: out-of-bound read in glyph_cache_put (CVE-2020-11098)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1849",
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.4_release_notes/"
},
{
"category": "external",
"summary": "1854843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854843"
},
{
"category": "external",
"summary": "1854847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854847"
},
{
"category": "external",
"summary": "1854850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854850"
},
{
"category": "external",
"summary": "1854876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854876"
},
{
"category": "external",
"summary": "1854895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854895"
},
{
"category": "external",
"summary": "1854899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854899"
},
{
"category": "external",
"summary": "1854910",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854910"
},
{
"category": "external",
"summary": "1858909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858909"
},
{
"category": "external",
"summary": "1881971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881971"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1849.json"
}
],
"title": "Red Hat Security Advisory: freerdp security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-05T23:35:04+00:00",
"generator": {
"date": "2024-11-05T23:35:04+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2021:1849",
"initial_release_date": "2021-05-18T14:41:33+00:00",
"revision_history": [
{
"date": "2021-05-18T14:41:33+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-05-18T14:41:33+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T23:35:04+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
},
{
"category": "product_name",
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product": {
"name": "Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::crb"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.2.0-1.el8.s390x",
"product": {
"name": "freerdp-2:2.2.0-1.el8.s390x",
"product_id": "freerdp-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.2.0-1.el8.s390x",
"product": {
"name": "freerdp-libs-2:2.2.0-1.el8.s390x",
"product_id": "freerdp-libs-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.2.0-1.el8.s390x",
"product": {
"name": "libwinpr-2:2.2.0-1.el8.s390x",
"product_id": "libwinpr-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.2.0-1.el8.s390x",
"product": {
"name": "libwinpr-devel-2:2.2.0-1.el8.s390x",
"product_id": "libwinpr-devel-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.2.0-1.el8.s390x",
"product": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.s390x",
"product_id": "freerdp-debugsource-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"product": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"product_id": "freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"product": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"product_id": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"product": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"product_id": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.2.0-1.el8.s390x",
"product": {
"name": "freerdp-devel-2:2.2.0-1.el8.s390x",
"product_id": "freerdp-devel-2:2.2.0-1.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.2.0-1.el8?arch=s390x\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.2.0-1.el8.x86_64",
"product": {
"name": "freerdp-2:2.2.0-1.el8.x86_64",
"product_id": "freerdp-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.2.0-1.el8.x86_64",
"product": {
"name": "freerdp-libs-2:2.2.0-1.el8.x86_64",
"product_id": "freerdp-libs-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.2.0-1.el8.x86_64",
"product": {
"name": "libwinpr-2:2.2.0-1.el8.x86_64",
"product_id": "libwinpr-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.2.0-1.el8.x86_64",
"product": {
"name": "libwinpr-devel-2:2.2.0-1.el8.x86_64",
"product_id": "libwinpr-devel-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"product": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"product_id": "freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"product": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"product_id": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"product_id": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"product": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"product_id": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.2.0-1.el8.x86_64",
"product": {
"name": "freerdp-devel-2:2.2.0-1.el8.x86_64",
"product_id": "freerdp-devel-2:2.2.0-1.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.2.0-1.el8?arch=x86_64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-libs-2:2.2.0-1.el8.i686",
"product": {
"name": "freerdp-libs-2:2.2.0-1.el8.i686",
"product_id": "freerdp-libs-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.2.0-1.el8.i686",
"product": {
"name": "libwinpr-2:2.2.0-1.el8.i686",
"product_id": "libwinpr-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.2.0-1.el8.i686",
"product": {
"name": "libwinpr-devel-2:2.2.0-1.el8.i686",
"product_id": "libwinpr-devel-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.2.0-1.el8.i686",
"product": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.i686",
"product_id": "freerdp-debugsource-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.2.0-1.el8.i686",
"product": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.i686",
"product_id": "freerdp-debuginfo-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"product": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"product_id": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"product": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"product_id": "libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.2.0-1.el8.i686",
"product": {
"name": "freerdp-devel-2:2.2.0-1.el8.i686",
"product_id": "freerdp-devel-2:2.2.0-1.el8.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.2.0-1.el8?arch=i686\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "freerdp-2:2.2.0-1.el8.ppc64le",
"product_id": "freerdp-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "freerdp-libs-2:2.2.0-1.el8.ppc64le",
"product_id": "freerdp-libs-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "libwinpr-2:2.2.0-1.el8.ppc64le",
"product_id": "libwinpr-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"product_id": "libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"product_id": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"product_id": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"product_id": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"product_id": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.2.0-1.el8.ppc64le",
"product": {
"name": "freerdp-devel-2:2.2.0-1.el8.ppc64le",
"product_id": "freerdp-devel-2:2.2.0-1.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.2.0-1.el8?arch=ppc64le\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.2.0-1.el8.aarch64",
"product": {
"name": "freerdp-2:2.2.0-1.el8.aarch64",
"product_id": "freerdp-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-2:2.2.0-1.el8.aarch64",
"product": {
"name": "freerdp-libs-2:2.2.0-1.el8.aarch64",
"product_id": "freerdp-libs-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-2:2.2.0-1.el8.aarch64",
"product": {
"name": "libwinpr-2:2.2.0-1.el8.aarch64",
"product_id": "libwinpr-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-devel-2:2.2.0-1.el8.aarch64",
"product": {
"name": "libwinpr-devel-2:2.2.0-1.el8.aarch64",
"product_id": "libwinpr-devel-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-devel@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"product": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"product_id": "freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debugsource@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"product": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"product_id": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-debuginfo@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"product": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"product_id": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-libs-debuginfo@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"product": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"product_id": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libwinpr-debuginfo@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "freerdp-devel-2:2.2.0-1.el8.aarch64",
"product": {
"name": "freerdp-devel-2:2.2.0-1.el8.aarch64",
"product_id": "freerdp-devel-2:2.2.0-1.el8.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp-devel@2.2.0-1.el8?arch=aarch64\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "freerdp-2:2.2.0-1.el8.src",
"product": {
"name": "freerdp-2:2.2.0-1.el8.src",
"product_id": "freerdp-2:2.2.0-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/freerdp@2.2.0-1.el8?arch=src\u0026epoch=2"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.src as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src"
},
"product_reference": "freerdp-2:2.2.0-1.el8.src",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.aarch64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.i686 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.x86_64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "AppStream-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.src as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src"
},
"product_reference": "freerdp-2:2.2.0-1.el8.src",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-debugsource-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-devel-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-devel-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-libs-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64"
},
"product_reference": "freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64"
},
"product_reference": "libwinpr-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64"
},
"product_reference": "libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.aarch64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.aarch64",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.i686 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.i686",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.ppc64le as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.s390x as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.s390x",
"relates_to_product_reference": "CRB-8.4.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libwinpr-devel-2:2.2.0-1.el8.x86_64 as a component of Red Hat CodeReady Linux Builder (v. 8)",
"product_id": "CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
},
"product_reference": "libwinpr-devel-2:2.2.0-1.el8.x86_64",
"relates_to_product_reference": "CRB-8.4.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-4030",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854895"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bounds read in TrioParse",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-4030"
},
{
"category": "external",
"summary": "RHBZ#1854895",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854895"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-4030",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4030"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-4030",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4030"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: out of bounds read in TrioParse"
},
{
"cve": "CVE-2020-4033",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854876"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth \u003c 32 are affected. This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bounds read in RLEDECOMPRESS",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-4033"
},
{
"category": "external",
"summary": "RHBZ#1854876",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854876"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-4033",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-4033"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-4033",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-4033"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
},
{
"category": "workaround",
"details": "Set the color depth to 32 with the client commandline option: /bpp:32.",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bounds read in RLEDECOMPRESS"
},
{
"cve": "CVE-2020-11095",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854850"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, an out of bound reads occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bound reads resulting in accessing memory location outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11095"
},
{
"category": "external",
"summary": "RHBZ#1854850",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854850"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11095",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11095"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: out of bound reads resulting in accessing memory location outside of static array PRIMARY_DRAWING_ORDER_FIELD_BYTES"
},
{
"cve": "CVE-2020-11096",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854847"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, there is a global OOB read in update_read_cache_bitmap_v3_order. As a workaround, one can disable bitmap cache with -bitmap-cache (default). This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bound read in update_read_cache_bitmap_v3_order",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11096"
},
{
"category": "external",
"summary": "RHBZ#1854847",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854847"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11096",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11096"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11096",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11096"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
},
{
"category": "workaround",
"details": "Do not enable the +bitmap-cache option in the freerdp client. Alternatively, the bitmap-cache can be explicitly disabled with the -bitmap-cache commandline option.",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bound read in update_read_cache_bitmap_v3_order"
},
{
"cve": "CVE-2020-11097",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854910"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, an out of bounds read occurs resulting in accessing a memory location that is outside of the boundaries of the static array PRIMARY_DRAWING_ORDER_FIELD_BYTES. This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11097"
},
{
"category": "external",
"summary": "RHBZ#1854910",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854910"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11097",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11097"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11097",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11097"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: out of bounds read in PRIMARY_DRAWING_ORDER_FIELD_BYTES"
},
{
"cve": "CVE-2020-11098",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854843"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, there is an out-of-bound read in glyph_cache_put. This affects all FreeRDP clients with `+glyph-cache` option enabled This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out-of-bound read in glyph_cache_put",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11098"
},
{
"category": "external",
"summary": "RHBZ#1854843",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854843"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11098",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11098"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11098",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11098"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
},
{
"category": "workaround",
"details": "Do not use the +glyph_cache option in the freerdp client, which is disabled by default in freerdp-2.0.0.rc4 (shipped with Red Hat Enterprise Linux 7 and 8), but required to connect to xrdp.",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "freerdp: out-of-bound read in glyph_cache_put"
},
{
"cve": "CVE-2020-11099",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"discovery_date": "2020-07-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1854899"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP before version 2.1.2, there is an out of bounds read in license_read_new_or_upgrade_license_packet. A manipulated license packet can lead to out of bound reads to an internal buffer. This is fixed in version 2.1.2.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: out of bounds read in license_read_new_or_upgrade_license_packet",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-11099"
},
{
"category": "external",
"summary": "RHBZ#1854899",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1854899"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-11099",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11099"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-11099",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-11099"
}
],
"release_date": "2020-06-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: out of bounds read in license_read_new_or_upgrade_license_packet"
},
{
"cve": "CVE-2020-15103",
"cwe": {
"id": "CWE-122",
"name": "Heap-based Buffer Overflow"
},
"discovery_date": "2020-07-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1858909"
}
],
"notes": [
{
"category": "description",
"text": "In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. All FreeRDP clients are affected. The input rectangles from the server are not checked against local surface coordinates and blindly accepted. A malicious server can send data that will crash the client later on (invalid length arguments to a `memcpy`) This has been fixed in 2.2.0. As a workaround, stop using command line arguments /gfx, /gfx-h264 and /network:auto",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "freerdp: integer overflow due to missing input sanitation in rdpegfx channel",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15103"
},
{
"category": "external",
"summary": "RHBZ#1858909",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1858909"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15103",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15103"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15103",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15103"
},
{
"category": "external",
"summary": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4r38-6hq7-j3j9",
"url": "https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-4r38-6hq7-j3j9"
}
],
"release_date": "2020-07-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-18T14:41:33+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1849"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.5,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"AppStream-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"AppStream-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.src",
"CRB-8.4.0.GA:freerdp-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-debugsource-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-devel-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:freerdp-libs-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-debuginfo-2:2.2.0-1.el8.x86_64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.aarch64",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.i686",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.ppc64le",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.s390x",
"CRB-8.4.0.GA:libwinpr-devel-2:2.2.0-1.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "freerdp: integer overflow due to missing input sanitation in rdpegfx channel"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.