Approved changes feed: RSS · Atom
cpe:2.3:a:openvpn:connect:*:*:*:*:*:windows:*:*
part: a version: * update: *
| Vendor | Openvpn (69250643-f594-58ab-9395-086994cbe5f3) |
|---|---|
| Product | Connect (85eec71f-49f2-5f92-afc6-44512155abac) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | windows |
| Target hardware | * |
| Other | * |
| Notes | Imported from purl2cpe mapping |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/diadebeltphy/openvpn-connect-mac-download |
purl2cpe | 2026-06-01 10:12:10.743419 |
pkg:docker/zhujintao/openvpn-connect |
purl2cpe | 2026-06-01 10:12:10.743422 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-7245 |
vulnerable | 2026-06-03 14:54:00.283869 |
Details available
The nodejs framework in OpenVPN Connect 3.0 through 3.4.3 (Windows)/3.4.7 (macOS) was not properly configured, which allows a local user to execute arbitrary code within the nodejs process context via the ELECTRON_RUN_AS_NODE environment variable
Published: 2024-02-20T11:08:29.089Z
Updated: 2024-08-14T14:36:15.335Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2022-3761 |
vulnerable | 2026-06-03 14:47:59.263263 |
Details available
OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows) allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials
Published: 2023-10-17T12:10:36.100Z
Updated: 2024-08-03T01:20:57.580Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2021-3613 |
vulnerable | 2026-06-03 14:45:12.159587 |
Details available
OpenVPN Connect 3.2.0 through 3.3.0 allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (OpenVPNConnect.exe).
Published: 2021-07-02T12:33:36.000Z
Updated: 2024-08-03T17:01:07.446Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.