FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-11-23 17:01:17 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
45a72180-a640-11ec-a08b-85298243e224	openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins David Sommerseth reports: OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. This issue is resolved in OpenVPN 2.4.12 and v2.5.6. Discovery 2022-03-10 Entry 2022-03-17 openvpn < 2.5.6 openvpn-mbedtls < 2.5.6 CVE-2022-0547 https://community.openvpn.net/openvpn/wiki/CVE-2022-0547 https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-256

VuXML ID

Description

45a72180-a640-11ec-a08b-85298243e224

openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins

David Sommerseth reports:

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. This issue is resolved in OpenVPN 2.4.12 and v2.5.6.

Discovery 2022-03-10
Entry 2022-03-17
openvpn

< 2.5.6

openvpn-mbedtls

< 2.5.6

CVE-2022-0547
https://community.openvpn.net/openvpn/wiki/CVE-2022-0547
https://github.com/OpenVPN/openvpn/blob/release/2.5/Changes.rst#overview-of-changes-in-256