Double free vulnerability in OpenConnect prior to 1.40 might allow remote AnyConnect SSL VPN servers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted DTLS Cipher option during a reconnect operation.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
infradead openconnect 1.20 |
||
infradead openconnect 1.00 |
||
infradead openconnect |
||
infradead openconnect 1.10 |
Vulmon