Vulnerability Database
Blog
FAQ
Docs
arrow_forward
search
CVE-2020-11525
See a problem?
Please try reporting it
to the source
first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2020-11525
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-11525.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-11525
Downstream
DEBIAN-CVE-2020-11525
DLA-2356-1
OESA-2021-1008
RHSA-2020:4031
RHSA-2020:4647
SUSE-SU-2020:2032-1
SUSE-SU-2020:2068-1
SUSE-SU-2020:2272-1
UBUNTU-CVE-2020-11525
USN-4379-1
USN-4382-1
USN-4382-2
openSUSE-SU-2020:1090-1
openSUSE-SU-2024:10768-1
Related
ALSA-2020:4647
GHSA-9755-fphh-gmjg
MGASA-2020-0297
RLSA-2020:4647
SUSE-SU-2020:2032-1
SUSE-SU-2020:2068-1
SUSE-SU-2020:2272-1
openSUSE-SU-2020:1090-1
openSUSE-SU-2024:10768-1
Published
2020-05-15T17:15:12Z
Modified
2025-10-13T09:27:56.911990Z
Severity
2.2 (Low)
CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L
CVSS Calculator
Summary
[none]
Details
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
References
http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00080.html
https://github.com/FreeRDP/FreeRDP/commits/master
https://github.com/FreeRDP/FreeRDP/pull/6019/commits/58dc36b3c883fd460199cedb6d30e58eba58298c
https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-9755-fphh-gmjg
https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html
https://pub.freerdp.com/cve/CVE-2020-11525/pocAnalysis_1.pdf
https://usn.ubuntu.com/4379-1/
https://usn.ubuntu.com/4382-1/
Affected packages
Git
/
github.com/freerdp/freerdp
Affected ranges
Type
GIT
Repo
https://github.com/freerdp/freerdp
Events
Introduced
0
Unknown introduced commit / All previous commits are affected
Last affected
1648deb435ad52206f7aa2afe4b4dff71d9329bc
Last affected
5ab2bed8749747b8e4b2ed431fd102bc726be684
Last affected
7a7b180277a9c04809bf07a54882d7c33eeeb9f9
Last affected
84f8161897534d9263ffebe43092827d40fc7ffb
Last affected
a4f147683db7aa99a6075aeaf7c698bc6ba84d11
Last affected
e21b72c95f857817b4b32b5ef5406355c005a9e8
Affected versions
1.*
1.0-beta1
1.0-beta2
1.0-beta3
1.0-beta4
1.0-beta5
1.0.0
1.0.1
1.1.0-beta+2013071101
1.1.0-beta1
1.1.0-beta1+android2
1.1.0-beta1+android3
1.1.0-beta1+android4
1.1.0-beta1+android5
1.1.0-beta1+ios1
1.1.0-beta1+ios2
1.1.0-beta1+ios3
1.1.0-beta1+ios4
1.2.0-beta1+android7
1.2.0-beta1+android9
2.*
2.0.0-beta1+android10
2.0.0-beta1+android11
2.0.0-rc0
CVE-2020-11525 - OSV