Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-5594

OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.

No technical information available.

No CWE or OWASP classifications available.

Software From Fixed in
openvpn / openvpn 2.6.0 2.6.11