openvpn (Ubuntu:23.10) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Ubuntu:23.10 package openvpn, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2023-46850 — CVSS 9.8 (critical): Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending…
CVE-2023-46849 — CVSS 7.5 (high): Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero…