CVE-2019-17177

HIGH

Freerdp < 1.0.2 - Memory Leak

Title source: rule

Description

libfreerdp/codec/region.c in FreeRDP through 1.1.x and 2.x through 2.0.0-rc4 has memory leaks because a supplied realloc pointer (i.e., the first argument to realloc) is also used for a realloc return value.

References (6)

Scores

CVSS v3 7.5
EPSS 0.0087
EPSS Percentile 75.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Classification

CWE
CWE-401
Status published

Affected Products (11)

freerdp/freerdp
freerdp/freerdp
freerdp/freerdp
opensuse/leap
opensuse/leap
freerdp/freerdp < 1.0.2
freerdp/freerdp
freerdp/freerdp
freerdp/freerdp
freerdp/freerdp
freerdp/freerdp

Timeline

Published Oct 04, 2019
Tracked Since Feb 18, 2026