What the vulnerability does

01Description

The PKCS#7 parser in OpenVPN 3 Core Library versions through 3.8.3 did not properly validate the parsed data, which would result in the application crashing.

Key dates

02Disclosure timeline

February 20, 2024 CVE published
October 28, 2024 Record updated