rpm package
suse/openvpn&distro=SUSE Linux Enterprise Server for SAP Applications 12 SP3
pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-0547 | — | < 2.3.8-16.29.1 | 2.3.8-16.29.1 | Mar 18, 2022 | OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. | ||
| CVE-2017-12166 | Cri | 9.8 | < 2.3.8-16.20.1 | 2.3.8-16.20.1 | Oct 4, 2017 | OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. |
- CVE-2022-0547Mar 18, 2022affected < 2.3.8-16.29.1fixed 2.3.8-16.29.1
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.
- affected < 2.3.8-16.20.1fixed 2.3.8-16.20.1
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.