- What is the OpenVPN CNA?
- OpenVPN is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 40 CVE records since 2020.
- How many CVEs has OpenVPN published?
- OpenVPN has published 40 CVE records, including 22 in the last two years.
- What is OpenVPN's CVE data quality grade?
- RadicalNotion.AI grades OpenVPN's CVE data quality as D, with an overall completeness score of 68.1%. This reflects how consistently its CVE records include vendor (65%), product (100%), CVSS (7.5%), and CWE (100%) information.
- What products does OpenVPN publish CVEs for?
- OpenVPN most frequently publishes CVEs for OpenVPN, openvpn access server, connect, OpenVPN Connect, debian linux.
- Which vendors does OpenVPN cover?
- OpenVPN publishes CVEs across 2 distinct vendors, most often OpenVPN, debian, fedoraproject, microsoft, canonical.
- Is OpenVPN actively publishing CVEs?
- OpenVPN is currently active, based on 22 CVEs in the last two years.
- What is the average severity of OpenVPN's CVEs?
- The average CVSS base score across OpenVPN's scored CVEs is 3.2.
- How many critical CVEs has OpenVPN published?
- OpenVPN has published 7 critical-severity CVEs and 21 high-severity CVEs.
- Are any of OpenVPN's CVEs in CISA's Known Exploited Vulnerabilities catalog?
- No. None of OpenVPN's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
- What are the most common weakness types in OpenVPN's CVEs?
- OpenVPN's CVEs most often map to these CWE weakness types: CWE-305 (Authentication Bypass by Primary Weakness), CWE-617 (Reachable Assertion), CWE-754 (Improper Check for Unusual or Exceptional Conditions), CWE-95 (Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')).
- How does OpenVPN rank among CNAs?
- By total CVE volume, OpenVPN ranks #191 of 370 CNAs, and it reports more complete CVE records than 19% of all CNAs.