Analysis
No analysis available yet.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| FreeRDP | FreeRDP | affected |
|
Configuration 1 [-]
|
Configuration 2 [-]
|
| Package | CPE | Advisory | Released Date |
|---|---|---|---|
| Red Hat Enterprise Linux 8 | |||
| freerdp-2:2.2.0-10.el8 | cpe:/a:redhat:enterprise_linux:8 | RHSA-2023:2851 | 2023-05-16T00:00:00Z |
| Red Hat Enterprise Linux 9 | |||
| freerdp-2:2.4.1-5.el9 | cpe:/a:redhat:enterprise_linux:9 | RHSA-2023:2326 | 2023-05-09T00:00:00Z |
No data available yet.
No remediation available yet.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
 Debian DLA |
DLA-3654-1 | freerdp2 security update |
| Debian DLA |
DLA-4053-1 | freerdp2 security update |
 EUVD |
EUVD-2022-41819 | FreeRDP is a free remote desktop protocol library and clients. Affected versions of FreeRDP are missing path canonicalization and base path check for `drive` channel. A malicious server can trick a FreeRDP based client to read files outside the shared directory. This issue has been addressed in version 2.9.0 and all users are advised to upgrade. Users unable to upgrade should not use the `/drive`, `/drives` or `+home-drive` redirection switch. |
 Ubuntu USN |
USN-5734-1 | FreeRDP vulnerabilities |
Mon, 03 Nov 2025 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 15 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Mon, 14 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2025-11-03T20:35:05.619Z
Reserved: 2022-09-02T00:00:00.000Z
Link: CVE-2022-39347
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-11-16T20:15:10.367
Modified: 2025-11-03T21:15:53.510
Link: CVE-2022-39347
Redhat
OpenCVE Enrichment
No data.