Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| FreeRDP | FreeRDP | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | |||
| freerdp-2:2.2.0-10.el8 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2023:2851 | 2023-05-16T00:00:00Z |
| Red Hat Enterprise Linux 9 | |||
| freerdp-2:2.4.1-5.el9 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2023:2326 | 2023-05-09T00:00:00Z |
No data available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-3654-1 | freerdp2 security update |
| Debian DLA |
DLA-4053-1 | freerdp2 security update |
 EUVD |
EUVD-2022-41800 | FreeRDP is a free remote desktop protocol library and clients. In affected versions there is an out of bound read in ZGFX decoder component of FreeRDP. A malicious server can trick a FreeRDP based client to read out of bound data and try to decode it likely resulting in a crash. This issue has been addressed in the 2.9.0 release. Users are advised to upgrade. |
 Ubuntu USN |
USN-5734-1 | FreeRDP vulnerabilities |
Mon, 03 Nov 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 15 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-11-03T20:34:58.674Z
Reserved: 2022-09-02T00:00:00.000Z
Link: CVE-2022-39316
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-11-16T20:15:10.180
Modified: 2025-11-03T21:15:52.867
Link: CVE-2022-39316
Redhat
OpenCVE Enrichment
No data.