Security Advisory

CVE-2024-5594

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-06 13:52:20

Last updated 2025-11-03 20:48:53

Assigner OpenVPN

State PUBLISHED

Description

OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.

← Browse all CVEs View on cve.org ↗