VYPR

rpm package

opensuse/openconnect&distro=openSUSE Leap 15.1

pkg:rpm/opensuse/openconnect&distro=openSUSE%20Leap%2015.1

Vulnerabilities (3)

  • CVE-2020-12823CriMay 12, 2020
    affected < 7.08-lp151.6.9.1fixed 7.08-lp151.6.9.1

    OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.

  • CVE-2020-12105MedApr 23, 2020
    affected < 7.08-lp151.6.6.1fixed 7.08-lp151.6.6.1

    OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.

  • CVE-2019-16239CriSep 17, 2019
    affected < 7.08-lp151.6.3.1fixed 7.08-lp151.6.3.1

    process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.