Allocation of Resources Without Limits or Throttling in FreeRDP - #VU137833
Published: July 16, 2026
FreeRDP
Detailed vulnerability description
The vulnerability allows a remote attacker to cause a denial of service.
The vulnerability exists due to improper limitation of a pathname to a restricted directory in http_response_recv_body() when processing chunked HTTP response bodies from an RD Gateway or gateway HTTP endpoint. A remote attacker can send an oversized chunked HTTP response to cause a denial of service.
The issue affects the client-side chunked transfer path, where oversized response bodies are accepted and stored without applying the intended response size limit.