debian · CVE-2020-11039

Quick triage

Priority: not yet assigned Published: Updated: Fri, 17 Jul 2026 14:09:35 GMT

View at Official debian advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2020-11039 not yet assigned priority: Debian including 1 source packages (freerdp2), 2 status rows across 2 suites (bookworm, bullseye): resolved 2.

Description:

In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0.

cvelogic Threat Intelligence