6 matches found
Unity Linux 20.1070e Security Update: openvpn (UTSA-2026-017760)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017760 advisory. An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are...
SUSE CVE-2020-11810
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be...
Debian DLA-2992-1 : openvpn - LTS security update
The remote Debian 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the dla-2992 advisory. - OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code...
Updated openvpn packages fix security vulnerability
Updated openvpn packages fix security vulnerability: An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters hav...
CVE-2020-11810
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be...
UBUNTU-CVE-2020-11810
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 PDATAV2 packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be...