Vulnerability Database
Blog
FAQ
Docs
SUSE-SU-2023:4873-1
See a problem?
Please try reporting it
to the source
first.
Source
https://www.suse.com/support/update/announcement/2023/suse-su-20234873-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2023:4873-1.json
JSON Data
https://api.test.osv.dev/v1/vulns/SUSE-SU-2023:4873-1
Related
CVE-2023-40184
CVE-2023-42822
Published
2023-12-14T18:52:09Z
Modified
2023-12-14T18:52:09Z
Summary
Security update for xrdp
Details
This update for xrdp fixes the following issues:
CVE-2023-42822: Fixed unchecked access to font glyph info (bsc#1215803).
CVE-2023-40184: Fixed restriction bypass via improper session handling (bsc#1214805).
References
https://www.suse.com/support/update/announcement/2023/suse-su-20234873-1/
https://bugzilla.suse.com/1214805
https://bugzilla.suse.com/1215803
https://bugzilla.suse.com/1217759
https://www.suse.com/security/cve/CVE-2023-40184
https://www.suse.com/security/cve/CVE-2023-42822
Affected packages
SUSE:Linux Enterprise Server 12 SP5
/
xrdp
Package
Name
xrdp
Purl
pkg:rpm/suse/xrdp&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0.9.10-3.16.1
Ecosystem specific
{ "binaries": [ { "xrdp": "0.9.10-3.16.1" } ] }
SUSE:Linux Enterprise Server for SAP Applications 12 SP5
/
xrdp
Package
Name
xrdp
Purl
pkg:rpm/suse/xrdp&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5
Affected ranges
Type
ECOSYSTEM
Events
Introduced
0
Unknown introduced version / All previous versions are affected
Fixed
0.9.10-3.16.1
Ecosystem specific
{ "binaries": [ { "xrdp": "0.9.10-3.16.1" } ] }
SUSE-SU-2023:4873-1 - OSV