{"id":"CVE-2024-28882","details":"OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session","modified":"2026-03-14T12:28:07.965400Z","published":"2024-07-08T22:15:02.410Z","related":["SUSE-SU-2024:3502-1","SUSE-SU-2024:3532-1","openSUSE-SU-2024:14436-1"],"references":[{"type":"ADVISORY","url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-28882"},{"type":"ARTICLE","url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openvpn/openvpn","events":[{"introduced":"b999466418dddb89721be5455f03bacd9b221b1d"},{"fixed":"ddf6bf6d2a13583535c417532e96e8a8af77f977"}],"database_specific":{"versions":[{"introduced":"2.6.0"},{"fixed":"2.6.11"}]}}],"versions":["v2.6.0","v2.6.1","v2.6.10","v2.6.2","v2.6.3","v2.6.4","v2.6.5","v2.6.6","v2.6.7","v2.6.8","v2.6.9"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-28882.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}]}