Total vulnerabilities in the database
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
Software | From | Fixed in |
---|---|---|
openvpn / openvpn | 2.5.0 | 2.5.6 |
openvpn / openvpn | 2.1.0 | 2.4.12 |
fedoraproject / fedora | 34 | 34.x |
fedoraproject / fedora | 36 | 36.x |
debian / debian_linux | 9.0 | 9.0.x |