FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

nothing found there

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
45a72180-a640-11ec-a08b-85298243e224openvpn -- Potential authentication by-pass with multiple deferred authentication plug-ins

David Sommerseth reports:

OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials. This issue is resolved in OpenVPN 2.4.12 and v2.5.6.

Discovery 2022-03-10
Entry 2022-03-17
lt 2.5.6

lt 2.5.6

efb965be-a2c0-11eb-8956-1951a8617e30openvpn -- deferred authentication can be bypassed in specific circumstances

Gert Döring reports:

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

Discovery 2021-03-02
Entry 2021-04-21
lt 2.5.2

lt 2.5.2