{"url":"http://public2.vulnerablecode.io/api/packages/95007?format=json","purl":"pkg:rpm/redhat/freerdp@2:2.11.7-1.el9_7?arch=2","type":"rpm","namespace":"redhat","name":"freerdp","version":"2:2.11.7-1.el9_7","qualifiers":{"arch":"2"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68229?format=json","vulnerability_id":"VCID-hn73-bkwe-9uas","summary":"freerdp: FreeRDP heap-buffer-overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22855.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22855.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22855","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29004","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29104","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29071","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29036","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22855"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22855","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22855"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429645","reference_id":"2429645","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429645"},{"reference_url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1","reference_id":"3.20.1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:06:18Z/"}],"url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"},{"reference_url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rwp3-g84r-6mx9","reference_id":"GHSA-rwp3-g84r-6mx9","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:06:18Z/"}],"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-rwp3-g84r-6mx9"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19033","reference_id":"RHSA-2026:19033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3067","reference_id":"RHSA-2026:3067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3068","reference_id":"RHSA-2026:3068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3334","reference_id":"RHSA-2026:3334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3975","reference_id":"RHSA-2026:3975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4121","reference_id":"RHSA-2026:4121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4437","reference_id":"RHSA-2026:4437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4438","reference_id":"RHSA-2026:4438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4439","reference_id":"RHSA-2026:4439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4440","reference_id":"RHSA-2026:4440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4446","reference_id":"RHSA-2026:4446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4471","reference_id":"RHSA-2026:4471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4489","reference_id":"RHSA-2026:4489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4489"},{"reference_url":"https://usn.ubuntu.com/8105-1/","reference_id":"USN-8105-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8105-1/"}],"fixed_packages":[],"aliases":["CVE-2026-22855"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hn73-bkwe-9uas"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68226?format=json","vulnerability_id":"VCID-pza4-svr8-augu","summary":"freerdp: FreeRDP global-buffer-overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22858.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22858.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22858","reference_id":"","reference_type":"","scores":[{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29721","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29824","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29787","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00115","scoring_system":"epss","scoring_elements":"0.29755","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22858"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22858","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22858"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429649","reference_id":"2429649","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429649"},{"reference_url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1","reference_id":"3.20.1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:11:51Z/"}],"url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"},{"reference_url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qmqf-m84q-x896","reference_id":"GHSA-qmqf-m84q-x896","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:11:51Z/"}],"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-qmqf-m84q-x896"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19033","reference_id":"RHSA-2026:19033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3067","reference_id":"RHSA-2026:3067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3068","reference_id":"RHSA-2026:3068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3334","reference_id":"RHSA-2026:3334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3975","reference_id":"RHSA-2026:3975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4121","reference_id":"RHSA-2026:4121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4433","reference_id":"RHSA-2026:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4437","reference_id":"RHSA-2026:4437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4438","reference_id":"RHSA-2026:4438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4439","reference_id":"RHSA-2026:4439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4440","reference_id":"RHSA-2026:4440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4446","reference_id":"RHSA-2026:4446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4471","reference_id":"RHSA-2026:4471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4489","reference_id":"RHSA-2026:4489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4489"},{"reference_url":"https://usn.ubuntu.com/8105-1/","reference_id":"USN-8105-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8105-1/"}],"fixed_packages":[],"aliases":["CVE-2026-22858"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pza4-svr8-augu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/68225?format=json","vulnerability_id":"VCID-xsqe-dvx4-7qc1","summary":"freerdp: FreeRDP heap-buffer-overflow","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22859.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2026-22859.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22859","reference_id":"","reference_type":"","scores":[{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29004","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29104","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29071","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0011","scoring_system":"epss","scoring_elements":"0.29036","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2026-22859"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22859","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2026-22859"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429653","reference_id":"2429653","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2429653"},{"reference_url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1","reference_id":"3.20.1","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:12:56Z/"}],"url":"https://github.com/FreeRDP/FreeRDP/releases/tag/3.20.1"},{"reference_url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36","reference_id":"GHSA-56f5-76qv-2r36","reference_type":"","scores":[{"value":"5.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:H/SC:N/SI:N/SA:N/E:P"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-14T21:12:56Z/"}],"url":"https://github.com/FreeRDP/FreeRDP/security/advisories/GHSA-56f5-76qv-2r36"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:19033","reference_id":"RHSA-2026:19033","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:19033"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3067","reference_id":"RHSA-2026:3067","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3067"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3068","reference_id":"RHSA-2026:3068","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3068"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3334","reference_id":"RHSA-2026:3334","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3334"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:3975","reference_id":"RHSA-2026:3975","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:3975"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4121","reference_id":"RHSA-2026:4121","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4121"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4433","reference_id":"RHSA-2026:4433","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4433"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4437","reference_id":"RHSA-2026:4437","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4437"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4438","reference_id":"RHSA-2026:4438","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4438"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4439","reference_id":"RHSA-2026:4439","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4439"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4440","reference_id":"RHSA-2026:4440","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4440"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4446","reference_id":"RHSA-2026:4446","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4446"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4471","reference_id":"RHSA-2026:4471","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4471"},{"reference_url":"https://access.redhat.com/errata/RHSA-2026:4489","reference_id":"RHSA-2026:4489","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2026:4489"},{"reference_url":"https://usn.ubuntu.com/8105-1/","reference_id":"USN-8105-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/8105-1/"}],"fixed_packages":[],"aliases":["CVE-2026-22859"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xsqe-dvx4-7qc1"}],"fixing_vulnerabilities":[],"risk_score":"3.4","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/freerdp@2:2.11.7-1.el9_7%3Farch=2"}