OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks.
The product does not handle or incorrectly handles an exceptional condition.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Openconnect | Infradead | * | 8.08 (including) |