CVE-2024-4877
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2024-4877
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2024-4877.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2024-4877
- Published
- 2025-04-03T16:15:32Z
- Modified
- 2025-04-04T14:15:20Z
- Summary
- [none]
- Details
-
OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges
- References
Affected packages
Alpine:v3.18 / openvpn
Package
- Name
- openvpn
- Purl
- pkg:apk/alpine/openvpn?arch=source
Alpine:v3.19 / openvpn
Package
- Name
- openvpn
- Purl
- pkg:apk/alpine/openvpn?arch=source
Alpine:v3.20 / openvpn
Package
- Name
- openvpn
- Purl
- pkg:apk/alpine/openvpn?arch=source