Total vulnerabilities in the database
Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
| Software | From | Fixed in |
|---|---|---|
| openvpn / openvpn | 2.6.0 | 2.6.6.x |
| openvpn / openvpn_access_server | 2.11.0 | 2.11.3.x |
| openvpn / openvpn_access_server | 2.12.1 | 2.12.1.x |
| openvpn / openvpn_access_server | 2.12.0 | 2.12.0.x |
| debian / debian_linux | 12.0 | 12.0.x |
| fedoraproject / fedora | 39 | 39.x |