It was discovered that OpenVPN incorrectly handled certain configurations with multiple authentication plugins. A remote attacker could possibly use this issue to bypass authentication using incomplete credentials.
{ "availability": "No subscription required", "binaries": [ { "openvpn-dbgsym": "2.4.4-2ubuntu1.7", "openvpn": "2.4.4-2ubuntu1.7" } ] }
{ "availability": "No subscription required", "binaries": [ { "openvpn-dbgsym": "2.4.7-1ubuntu2.20.04.4", "openvpn": "2.4.7-1ubuntu2.20.04.4" } ] }