3 matches found
EUVD-2025-199988
Insufficient argument validation in OpenVPN 2.7alpha1 through 2.7rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses...
CVE-2025-12106
Insufficient argument validation in OpenVPN 2.7alpha1 through 2.7rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses...
SUSE CVE-2025-10680
OpenVPN 2.7alpha1 through 2.7beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use...