Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/openvpn@2.4.7-1%2Bdeb10u1
purl pkg:deb/debian/openvpn@2.4.7-1%2Bdeb10u1
Next non-vulnerable version 2.6.3-1+deb12u4
Latest non-vulnerable version 2.6.3-1+deb12u4
Risk 4.4
Vulnerabilities affecting this package (4)
Vulnerability Summary Fixed by
VCID-69y7-qv5p-gqar
Aliases:
CVE-2020-11810
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.
2.5.1-3
Affected by 2 other vulnerabilities.
VCID-faqk-wzr3-77be
Aliases:
CVE-2022-0547
Multiple vulnerabilities have been discovered in OpenVPN, the worst of which could lead to information disclosure.
2.6.3-1+deb12u4
Affected by 0 other vulnerabilities.
VCID-htt5-x61p-2qar
Aliases:
CVE-2024-5594
OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.
2.6.3-1+deb12u4
Affected by 0 other vulnerabilities.
VCID-j1d4-djxq-dqct
Aliases:
CVE-2020-15078
A vulnerability has been found in OpenVPN, allowing attackers to bypass the authentication process.
2.5.1-3
Affected by 2 other vulnerabilities.
Vulnerabilities fixed by this package (5)
Vulnerability Summary Aliases
VCID-n8nh-wf64-8fgr security update CVE-2017-7508
VCID-rkee-udq8-afg2 openvpn: Multiple security issues fixed in OpenVPN 2.4.3 and 2.3.17 CVE-2017-7522
VCID-ruzb-y7qd-nfgc OpenVPN versions before 2.3.3 and 2.4.x before 2.4.4 are vulnerable to a buffer overflow vulnerability when key-method 1 is used, possibly resulting in code execution. CVE-2017-12166
VCID-vucu-2pfy-93ds security update CVE-2017-7521
VCID-zuyu-zw1g-uqg7 security update CVE-2017-7520

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-15T23:10:54.335651+00:00 Debian Oval Importer Affected by VCID-69y7-qv5p-gqar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T22:33:08.018620+00:00 Debian Oval Importer Fixing VCID-ruzb-y7qd-nfgc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T21:18:45.191159+00:00 Debian Oval Importer Fixing VCID-n8nh-wf64-8fgr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:54:06.238618+00:00 Debian Oval Importer Fixing VCID-zuyu-zw1g-uqg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T20:39:51.865365+00:00 Debian Oval Importer Affected by VCID-j1d4-djxq-dqct https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T19:00:55.294033+00:00 Debian Oval Importer Affected by VCID-htt5-x61p-2qar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T18:04:23.233241+00:00 Debian Oval Importer Fixing VCID-vucu-2pfy-93ds https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T16:12:29.097618+00:00 Debian Oval Importer Affected by VCID-faqk-wzr3-77be https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-15T15:44:54.564438+00:00 Debian Oval Importer Fixing VCID-rkee-udq8-afg2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.4.0
2026-04-11T22:46:50.955506+00:00 Debian Oval Importer Affected by VCID-69y7-qv5p-gqar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T22:10:04.912595+00:00 Debian Oval Importer Fixing VCID-ruzb-y7qd-nfgc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:58:23.452341+00:00 Debian Oval Importer Fixing VCID-n8nh-wf64-8fgr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:34:39.256990+00:00 Debian Oval Importer Fixing VCID-zuyu-zw1g-uqg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T20:20:57.205675+00:00 Debian Oval Importer Affected by VCID-j1d4-djxq-dqct https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T18:45:00.756163+00:00 Debian Oval Importer Affected by VCID-htt5-x61p-2qar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T17:50:05.725491+00:00 Debian Oval Importer Fixing VCID-vucu-2pfy-93ds https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:59:54.362372+00:00 Debian Oval Importer Affected by VCID-faqk-wzr3-77be https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-11T15:32:38.977104+00:00 Debian Oval Importer Fixing VCID-rkee-udq8-afg2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.3.0
2026-04-08T22:21:35.498964+00:00 Debian Oval Importer Affected by VCID-69y7-qv5p-gqar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T21:46:36.644517+00:00 Debian Oval Importer Fixing VCID-ruzb-y7qd-nfgc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:37:42.104544+00:00 Debian Oval Importer Fixing VCID-n8nh-wf64-8fgr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:14:44.583449+00:00 Debian Oval Importer Fixing VCID-zuyu-zw1g-uqg7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T20:01:40.095027+00:00 Debian Oval Importer Affected by VCID-j1d4-djxq-dqct https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T18:30:03.502066+00:00 Debian Oval Importer Affected by VCID-htt5-x61p-2qar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T17:37:14.981680+00:00 Debian Oval Importer Fixing VCID-vucu-2pfy-93ds https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:52:58.238628+00:00 Debian Oval Importer Affected by VCID-faqk-wzr3-77be https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0
2026-04-08T15:26:48.799885+00:00 Debian Oval Importer Fixing VCID-rkee-udq8-afg2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 38.1.0