CVE-2023-6247

Опубликовано: 29 фев. 2024

Источник: nvd

CVSS3: 6.5

EPSS Низкий

Описание

The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.

Ссылки

https://community.openvpn.net/openvpn/wiki/CVE-2023-6247
Patch
Vendor Advisory
https://community.openvpn.net/openvpn/wiki/CVE-2023-6247
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openvpn:openvpn_3:*:*:*:*:*:*:*:*

Версия до 3.8.4 (исключая)

EPSS

Процентиль: 68%

0.00576

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-476

Связанные уязвимости

CVE-2023-6247

CVSS3: 6.5

ubuntu

почти 2 года назад

The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.

CVE-2023-6247

CVSS3: 6.5

debian

почти 2 года назад

The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did ...

GHSA-7j74-rq7m-gr5m

CVSS3: 6.5

github

почти 2 года назад

The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.

EPSS

Процентиль: 68%

0.00576

Низкий

6.5 Medium

CVSS3

Дефекты

CWE-476