{"id":"CVE-2020-11045","details":"In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read in update_read_bitmap_data that allows client memory to be read to an image buffer. The result is displayed on screen as colour.","modified":"2026-04-16T04:35:21.720720050Z","published":"2020-05-07T19:15:11.783Z","related":["ALSA-2020:4647","GHSA-3x39-248q-f4q6"],"references":[{"type":"ADVISORY","url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-3x39-248q-f4q6"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2020/08/msg00054.html"},{"type":"ADVISORY","url":"https://lists.debian.org/debian-lts-announce/2023/10/msg00008.html"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4379-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/4382-1/"},{"type":"FIX","url":"https://github.com/FreeRDP/FreeRDP/commit/f8890a645c221823ac133dbf991f8a65ae50d637"},{"type":"EVIDENCE","url":"https://github.com/FreeRDP/FreeRDP/issues/6005"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/freerdp/freerdp","events":[{"introduced":"0"},{"fixed":"5ab2bed8749747b8e4b2ed431fd102bc726be684"},{"fixed":"f8890a645c221823ac133dbf991f8a65ae50d637"}],"database_specific":{"versions":[{"introduced":"1.1.0"},{"fixed":"2.0.0"}]}}],"versions":["1.0-beta1","1.0-beta2","1.0-beta4","1.0-beta5","1.0.0","1.0.1","1.1.0-beta+2013071101","1.1.0-beta1","1.1.0-beta1+android2","1.1.0-beta1+android3","1.1.0-beta1+android4","1.1.0-beta1+android5","1.1.0-beta1+ios1","1.1.0-beta1+ios2","1.1.0-beta1+ios3","1.1.0-beta1+ios4","1.2.0-beta1+android7","1.2.0-beta1+android9","2.0.0-beta1+android10","2.0.0-beta1+android11","2.0.0-rc0","2.0.0-rc1","2.0.0-rc2","2.0.0-rc3","2.0.0-rc4"],"database_specific":{"vanir_signatures":[{"signature_version":"v1","id":"CVE-2020-11045-28b89200","deprecated":false,"digest":{"length":1297,"function_hash":"206436341201980652058609057959198552998"},"signature_type":"Function","source":"https://github.com/freerdp/freerdp/commit/f8890a645c2218
23ac133dbf991f8a65ae50d637","target":{"function":"update_read_bitmap_data","file":"libfreerdp/core/update.c"}},{"source":"https://github.com/freerdp/freerdp/commit/f8890a645c221823ac133dbf991f8a65ae50d637","signature_version":"v1","deprecated":false,"digest":{"threshold":0.9,"line_hashes":["174082662618401205352853601715769749832","84560628654313816427147087026633431051","182426011417203487958277892954071378642","308865737782997131972517872718766365445"]},"signature_type":"Line","id":"CVE-2020-11045-8488ed58","target":{"file":"libfreerdp/core/update.c"}}],"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"9.0"}]},{"events":[{"introduced":"0"},{"last_affected":"10.0"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"19.10"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-11045.json","vanir_signatures_modified":"2026-04-11T09:46:16Z"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:L"}]}