OpenVPN 2.6.0 Release Candidate 1 Community Edition

CPE Details

OpenVPN 2.6.0 Release Candidate 1 Community Edition
openvpn
openvpn
2.6.0
2023-11-27
19h07 +00:00
2023-11-27
19h07 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:openvpn:openvpn:2.6.0:rc1:*:*:community:*:*:*

Informations

Vendor

openvpn

Product

openvpn

Version

2.6.0

Update

rc1

Software Edition

community

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2024-27903 2024-07-08 10h27 +00:00 OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.
9.8
Critique
CVE-2024-24974 2024-07-08 10h20 +00:00 The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.
7.5
Haute
CVE-2024-27459 2024-07-08 10h14 +00:00 The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.
7.8
Haute
CVE-2023-46850 2023-11-11 00h15 +00:00 Use after free in OpenVPN version 2.6.0 to 2.6.6 may lead to undefined behavoir, leaking memory buffers or remote execution when sending network buffers to a remote peer.
9.8
Critique
CVE-2023-46849 2023-11-11 00h05 +00:00 Using the --fragment option in certain configuration setups OpenVPN version 2.6.0 to 2.6.6 allows an attacker to trigger a divide by zero behaviour which could cause an application crash, leading to a denial of service.
7.5
Haute