xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP).
xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade..This CVE has a CVSS3.1 score of 9.1 and a Base Severity of CRITICAL.
References for CVE-2022-23478 :
|Metric Type||Metric Score|