Home

Description

The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.

PUBLISHED Reserved 2023-11-21 | Published 2024-02-20 | Updated 2024-10-28 | Assigner OpenVPN

Problem types

CWE-476: NULL Pointer Dereference

Product status

Default status
unaffected

3.0 (minor releases)
affected

References

community.openvpn.net/openvpn/wiki/CVE-2023-6247 technical-description

cve.org (CVE-2023-6247)

nvd.nist.gov (CVE-2023-6247)

Download JSON