rpm package
suse/openvpn&distro=SUSE Linux Enterprise Server 12 SP5-LTSS
pkg:rpm/suse/openvpn&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-5594 | — | < 2.3.8-16.35.1 | 2.3.8-16.35.1 | Jan 6, 2025 | OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs. |
- CVE-2024-5594Jan 6, 2025affected < 2.3.8-16.35.1fixed 2.3.8-16.35.1
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.