Skip to content

Integer casting vulnerability in `update_recv_secondary_order`

Low
akallabeth published GHSA-3898-mc89-x2vc Jun 22, 2020

Package

FreeRDP

Affected versions

<= 2.1.1

Patched versions

2.1.2

Description

Impact

  • All clients with +glyph-cache /relax-order-checks

Patches

Has the problem been patched? What versions should users upgrade to?

Workarounds

Do not use /relax-order-checks or +glyph-cache

References

GHSL-2020-125

Severity

Low

CVE ID

CVE-2020-4032

Weaknesses

No CWEs