OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().

References

www.debian.org/security/2017/dsa-3900

www.securityfocus.com/bid/99230

www.securitytracker.com/id/1038768

community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243

threatpost 1

nvd 2

cvelist 2

debiancve 1

cve 2

ubuntucve 2

prion 2

nessus 11

fedora 3

openvas 10

suse 3

osv 1

redhatcve 4

archlinux 1

debian 3

hackerone 1

thn 1

altlinux 1

f5 1

mageia 1

amazon 1

freebsd 1

slackware 1

ubuntu 1

threatpost

OpenVPN Patches Critical Remote Code Execution Vulnerability

2017-06-21 11:14:36

nvd

CVE-2017-7521

2017-06-27 13:29:00

CVE-2017-7512

2017-07-07 22:29:00

cvelist

CVE-2017-7521

2017-06-27 13:00:00

CVE-2017-7512

2017-07-07 22:00:00

debiancve

CVE-2017-7521

2017-06-27 13:29:00

cve

CVE-2017-7521

2017-06-27 13:29:00

CVE-2017-7512

2017-07-07 22:29:00

ubuntucve

CVE-2017-7521

2017-06-21 00:00:00

CVE-2017-7512

2017-06-21 00:00:00

prion

Double free

2017-06-27 13:29:00

Authentication flaw

2017-07-07 22:29:00

nessus

SUSE SLED12 / SLES12 Security Update : openvpn (SUSE-SU-2017:1635-1)

2017-06-22 00:00:00

openSUSE Security Update : openvpn (openSUSE-2017-730)

2017-06-30 00:00:00

Fedora 25 : openvpn (2017-0639fb1490)

2017-06-26 00:00:00

fedora

[SECURITY] Fedora 26 Update: openvpn-2.4.3-1.fc26

2017-06-24 03:09:57

[SECURITY] Fedora 24 Update: openvpn-2.3.17-1.fc24

2017-06-30 20:51:03

[SECURITY] Fedora 25 Update: openvpn-2.4.3-1.fc25

2017-06-23 20:54:35

openvas

openSUSE: Security Advisory for openvpn (openSUSE-SU-2017:1680-1)

2017-06-26 00:00:00

Mageia: Security Advisory (MGASA-2017-0224)

2022-01-28 00:00:00

SUSE: Security Advisory (SUSE-SU-2017:1635-1)

2021-04-19 00:00:00

suse

Security update for openvpn (important)

2017-06-21 18:11:05

Security update for openvpn (important)

2017-06-26 15:16:30

Security update for openvpn-openssl1 (important)

2017-06-29 18:12:39

osv

openvpn - security update

2017-06-27 00:00:00

redhatcve

CVE-2017-7520

2017-06-23 07:23:15

CVE-2017-7521

2017-06-23 07:23:00

CVE-2017-7522

2017-06-23 07:22:48

archlinux

[ASA-201706-27] openvpn: multiple issues

2017-06-22 00:00:00

debian

[BSA-116] Security Update for openvpn

2017-07-05 07:52:52

[SECURITY] [DSA 3900-1] openvpn security update

2017-06-27 19:51:56

[SECURITY] [DSA 3900-1] openvpn security update

2017-06-27 19:51:56

hackerone

Internet Bug Bounty: 4 severe remote + several minor OpenVPN vulnerabilities

2017-06-23 10:58:19

thn

Critical RCE Flaw Found in OpenVPN that Escaped Two Recent Security Audits

2017-06-21 21:08:00

altlinux

Security fix for the ALT Linux 9 package openvpn version June

2017-06-21 00:00:00

K63104801 : OpenVPN vulnerabilities CVE-2017-7508, CVE-2017-7520, CVE-2017-7521, and CVE-2017-7522

2017-08-03 00:00:00

mageia

Updated openvpn packages fix security vulnerabilities

2017-07-28 21:12:15

amazon

Important: openvpn

2017-06-27 17:47:00

freebsd

OpenVPN -- several vulnerabilities

2017-05-19 00:00:00

slackware

[slackware-security] openvpn

2017-06-21 18:40:28

ubuntu

OpenVPN vulnerabilities

2017-06-22 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

AI Score

7.5

Confidence

High

EPSS

0.012

Percentile

85.3%

JSON

Related for OSV:CVE-2017-7521