CVE-2025-2704

Опубликовано: 02 апр. 2025

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:openvpn:openvpn:*:*:*:*:community:*:*:*

Версия от 2.6.1 (включая) до 2.6.13 (включая)

EPSS

Процентиль: 42%

0.00198

Низкий

7.5 High

CVSS3

Дефекты

CWE-754

Связанные уязвимости

CVE-2025-2704

CVSS3: 7.5

ubuntu

9 месяцев назад

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

CVE-2025-2704

CVSS3: 7.5

debian

9 месяцев назад

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 ...

SUSE-SU-2025:1508-1

suse-cvrf

8 месяцев назад

Security update for openvpn

SUSE-SU-2025:01508-1

suse-cvrf

7 месяцев назад

Security update for openvpn

GHSA-5gwv-2q72-gxrm

CVSS3: 7.5

github

9 месяцев назад

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

EPSS

Процентиль: 42%

0.00198

Низкий

7.5 High

CVSS3

Дефекты

CWE-754