VulnerableCode Package Details - pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u3?distro=trixie

Search for packages

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerability

Summary

Fixed by

This package is not known to be affected by vulnerabilities.

Vulnerability	Summary	Aliases
VCID-hr11-3ew1-4fgk	OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase	CVE-2025-2704
VCID-htt5-x61p-2qar	OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.	CVE-2024-5594
VCID-junc-6y8j-cbe2	OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session	CVE-2024-28882

Vulnerability

Summary

Aliases

VCID-hr11-3ew1-4fgk

OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase

CVE-2025-2704

VCID-htt5-x61p-2qar

OpenVPN before 2.6.11 does not santize PUSH_REPLY messages properly which an attacker controlling the server can use to inject unexpected arbitrary data ending up in client logs.

CVE-2024-5594

VCID-junc-6y8j-cbe2

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session

CVE-2024-28882

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T11:56:48.472076+00:00	Debian Importer	Fixing	VCID-htt5-x61p-2qar	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:25:27.774597+00:00	Debian Importer	Fixing	VCID-junc-6y8j-cbe2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:13:33.476969+00:00	Debian Importer	Fixing	VCID-hr11-3ew1-4fgk	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:09:18.533781+00:00	Debian Importer	Fixing	VCID-htt5-x61p-2qar	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:01:50.891690+00:00	Debian Importer	Fixing	VCID-junc-6y8j-cbe2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:10:15.731512+00:00	Debian Importer	Fixing	VCID-hr11-3ew1-4fgk	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:49:10.277770+00:00	Debian Importer	Fixing	VCID-hr11-3ew1-4fgk	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:09.940852+00:00	Debian Importer	Fixing	VCID-htt5-x61p-2qar	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:49:09.821180+00:00	Debian Importer	Fixing	VCID-junc-6y8j-cbe2	https://security-tracker.debian.org/tracker/data/json	38.1.0