CVE-2021-3547
OpenVPN 3 Core Library versions 3.6–3.6.1 are affected by a vulnerability that lets a man-in-the-middle bypass certificate authentication by issuing an unrelated server certificate that uses the same hostname as configured in verify-x509-name. This is a client-side trust management issue in certi...