OpenConnect up to and including 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
infradead openconnect |
||
opensuse leap 15.1 |