CVE-2025-13751

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2025-13751
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13751.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-13751
Downstream
Related
Published
2025-12-03T17:15:49.913Z
Modified
2026-04-10T05:21:19.339435Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
[none]
Details

Interactive service agent in OpenVPN version 2.5.0 through 2.6.16 and 2.7alpha1 through 2.7rc2 on Windows allows a local authenticated user to connect to the service and trigger an error causing a local denial of service.

References

Affected packages

Git / github.com/openvpn/openvpn

Affected ranges

Type
GIT
Repo
https://github.com/openvpn/openvpn
Events
Introduced
a73072d8f780e888aca7d79b993b1e59c9d8f364
Fixed
fa20154d58ca609bf871a48542cc882b994f82bb
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
5d3f3556a1f7cb26a2fb5e1c8299f03d0487cc6f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2026fe583f4fa5ef16779e527c3d3e5a0edd2dc0
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7b1b283478ec008fad163c8a54659a1ed97ed727
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
1e7b9a0fb021f0a64e76369f4efd2001d50ef42b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0fb5a00549be6b065f9a4d61940ee06786d9fa61
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
23a56395f8adec78a2dfd357a42059c0890b8631
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e37f7692df1f258e2d94ee44ac75c5f24e4d6b2d
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
d6ee27b4ff31e4469d699f3bfd7b9998ab167230
Database specific 
{
    "versions": [
        {
            "introduced": "2.5.0"
        },
        {
            "fixed": "2.6.17"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-alpha1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-alpha2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-alpha3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-rc1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.7-rc2"
        }
    ]
}

Affected versions

v2.*
v2.1.0
v2.1.1
v2.1.2
v2.1.3
v2.1_rc1
v2.1_rc10
v2.1_rc11
v2.1_rc12
v2.1_rc13
v2.1_rc14
v2.1_rc15
v2.1_rc16
v2.1_rc17
v2.1_rc18
v2.1_rc19
v2.1_rc2
v2.1_rc20
v2.1_rc21
v2.1_rc22
v2.1_rc3
v2.1_rc4
v2.1_rc5
v2.1_rc6
v2.1_rc7
v2.1_rc8
v2.1_rc9
v2.2-RC
v2.2-RC2
v2.2-beta4
v2.2-beta5
v2.3-alpha1
v2.3_alpha2
v2.3_alpha3
v2.3_beta1
v2.4_alpha1
v2.4_alpha2
v2.4_beta1
v2.4_beta2
v2.4_rc1
v2.4_rc2
v2.6.0
v2.6.1
v2.6.10
v2.6.11
v2.6.12
v2.6.13
v2.6.14
v2.6.15
v2.6.16
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.6.6
v2.6.7
v2.6.8
v2.6.9
v2.6_beta1
v2.6_beta2
v2.6_branched
v2.6_rc1
v2.6_rc2
v2.7_alpha1
v2.7_alpha2
v2.7_alpha3
v2.7_beta1
v2.7_beta2
v2.7_beta3
v2.7_rc1
v2.7_rc2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-13751.json"