Search for packages
| purl | pkg:deb/debian/openvpn@2.6.11-1?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-htt5-x61p-2qar | OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs. |
CVE-2024-5594
|
| VCID-junc-6y8j-cbe2 | OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session |
CVE-2024-28882
|
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-16T11:56:48.484039+00:00 | Debian Importer | Fixing | VCID-htt5-x61p-2qar | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-16T10:25:27.795156+00:00 | Debian Importer | Fixing | VCID-junc-6y8j-cbe2 | https://security-tracker.debian.org/tracker/data/json | 38.4.0 |
| 2026-04-13T08:09:18.546782+00:00 | Debian Importer | Fixing | VCID-htt5-x61p-2qar | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-13T07:01:50.904707+00:00 | Debian Importer | Fixing | VCID-junc-6y8j-cbe2 | https://security-tracker.debian.org/tracker/data/json | 38.3.0 |
| 2026-04-03T07:49:09.972114+00:00 | Debian Importer | Fixing | VCID-htt5-x61p-2qar | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |
| 2026-04-03T07:49:09.853724+00:00 | Debian Importer | Fixing | VCID-junc-6y8j-cbe2 | https://security-tracker.debian.org/tracker/data/json | 38.1.0 |