It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials.
{ "availability": "No subscription required", "binaries": [ { "binary_version": "2.4.4-2ubuntu1.7", "binary_name": "openvpn" }, { "binary_version": "2.4.4-2ubuntu1.7", "binary_name": "openvpn-dbgsym" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "2.4.7-1ubuntu2.20.04.4", "binary_name": "openvpn" }, { "binary_version": "2.4.7-1ubuntu2.20.04.4", "binary_name": "openvpn-dbgsym" } ] }