Approved changes feed: RSS · Atom
cpe:2.3:a:openvpn:connect:*:*:*:*:*:macos:*:*
part: a version: * update: *
| Vendor | Openvpn (69250643-f594-58ab-9395-086994cbe5f3) |
|---|---|
| Product | Connect (85eec71f-49f2-5f92-afc6-44512155abac) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | macos |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/diadebeltphy/openvpn-connect-mac-download |
purl2cpe | 2026-06-01 10:12:10.741777 |
pkg:docker/zhujintao/openvpn-connect |
purl2cpe | 2026-06-01 10:12:10.741779 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-7245 |
vulnerable | 2026-06-03 14:54:00.282512 |
Details available
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not properly configured, which allows a local user to execute arbitrary code within the nodejs process context via the ELECTRON_RUN_AS_NODE environment variable
Published: 2024-02-20T11:08:29.089Z
Updated: 2024-08-14T14:36:15.335Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-7224 |
vulnerable | 2026-06-03 14:54:00.228052 |
Details available
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable
Published: 2024-01-08T13:55:20.160Z
Updated: 2024-09-04T19:13:07.440Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3761 |
vulnerable | 2026-06-03 14:47:59.263785 |
Details available
OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows) allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials
Published: 2023-10-17T12:10:36.100Z
Updated: 2024-08-03T01:20:57.580Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2020-15075 |
vulnerable | 2026-06-03 14:41:45.177497 |
Details available
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.
Published: 2021-03-30T13:38:02.000Z
Updated: 2024-08-04T13:08:21.419Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.