Vulnerability Database

309,961

Total vulnerabilities in the database

CVE-2023-52557

In OpenBSD 7.3 before errata 016, npppd(8) could crash by a l2tp message which has an AVP (Attribute-Value Pair) with wrong length.

Published: Mar 1, 2024
Updated: Nov 16, 2025
CVE: CVE-2023-52557
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.5
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWEs:

Affected Software
References

Software	From	Fixed in
openbsd / openbsd	-	7.3
openbsd / openbsd	7.3	7.3.x
openbsd / openbsd	7.3-errata_001	7.3-errata_001.x
openbsd / openbsd	7.3-errata_002	7.3-errata_002.x
openbsd / openbsd	7.3-errata_003	7.3-errata_003.x
openbsd / openbsd	7.3-errata_004	7.3-errata_004.x
openbsd / openbsd	7.3-errata_005	7.3-errata_005.x
openbsd / openbsd	7.3-errata_006	7.3-errata_006.x
openbsd / openbsd	7.3-errata_007	7.3-errata_007.x
openbsd / openbsd	7.3-errata_008	7.3-errata_008.x
openbsd / openbsd	7.3-errata_009	7.3-errata_009.x
openbsd / openbsd	7.3-errata_010	7.3-errata_010.x
openbsd / openbsd	7.3-errata_011	7.3-errata_011.x
openbsd / openbsd	7.3-errata_012	7.3-errata_012.x
openbsd / openbsd	7.3-errata_013	7.3-errata_013.x
openbsd / openbsd	7.3-errata_014	7.3-errata_014.x
openbsd / openbsd	7.3-errata_015	7.3-errata_015.x

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime