CVE-2017-7522

CVE-2017-7522

Vendor Openvpn Technologies, Inc
Product OpenVPN
Weakness CWE-20 · Input validation
Published June 27, 2017
Last update August 5, 2024

CVSS base score

What the vulnerability does

01Description

OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.

Key dates

02Disclosure timeline

June 27, 2017 CVE published
August 5, 2024 Record updated