What the vulnerability does

01Description

OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session

Key dates

02Disclosure timeline

July 8, 2024 CVE published
November 1, 2024 Record updated