Опубликовано: 04 окт. 2017
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 6.8
CVSS3: 9.8
Описание
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
Релиз | Статус | Примечание |
---|---|---|
artful | ignored | end of life |
bionic | not-affected | 2.4.4-2ubuntu1 |
cosmic | ignored | end of life |
devel | not-affected | 2.4.7-1ubuntu2 |
disco | ignored | end of life |
eoan | not-affected | 2.4.7-1ubuntu2 |
esm-infra-legacy/trusty | released | 2.3.2-7ubuntu3.2+esm2 |
esm-infra/bionic | not-affected | 2.4.4-2ubuntu1 |
esm-infra/focal | not-affected | 2.4.7-1ubuntu2 |
esm-infra/xenial | released | 2.3.10-1ubuntu2.2+esm2 |
Показывать по
10
EPSS
Процентиль: 89%
0.05144
Низкий
6.8 Medium
CVSS2
9.8 Critical
CVSS3
Связанные уязвимости
CVSS3: 9.8
nvd
почти 8 лет назад
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution.
CVSS3: 9.8
debian
почти 8 лет назад
OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to ...
EPSS
Процентиль: 89%
0.05144
Низкий
6.8 Medium
CVSS2
9.8 Critical
CVSS3