Search CVE reports

Toggle filters

31 – 40 of 50 results

CVE-2017-7522

Medium priority
Not affected

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2017-7521

Medium priority
Fixed

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2017-7520

Medium priority
Fixed

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service and/or possibly sensitive memory leak triggered by man-in-the-middle attacker.

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2017-7512

Medium priority
Not affected

Red Hat 3scale (aka RH-3scale) API Management Platform (AMP) before 2.0.0 would permit creation of an access token without a client secret. An attacker could use this flaw to circumvent authentication controls and gain access to...

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2017-7508

Medium priority
Fixed

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service when receiving malformed IPv6 packet.

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2017-7479

Low priority

Some fixes available 4 of 5

OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn Not affected Not affected
Show less packages

CVE-2017-7478

High priority
Fixed

OpenVPN version 2.3.12 and newer is vulnerable to unauthenticated Denial of Service of server via received large control packet. Note that this issue is fixed in 2.3.15 and 2.4.2.

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2016-6329

Low priority

Some fixes available 3 of 4

OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using...

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn Not affected Not affected
Show less packages

CVE-2014-8104

Medium priority

Some fixes available 3 of 4

OpenVPN 2.x before 2.0.11, 2.1.x, 2.2.x before 2.2.3, and 2.3.x before 2.3.6 allows remote authenticated users to cause a denial of service (server crash) via a small control channel packet.

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages

CVE-2013-2061

Low priority

Some fixes available 1 of 6

The openvpn_decrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run...

1 affected package

openvpn

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
openvpn
Show less packages
  1. Previous page
  2. 1
  3. 2
  4. 3
  5. 4
  6. 5
  7. Next page
Export to JSON