What is the OpenVPN CNA?
OpenVPN is a CVE Numbering Authority (CNA) — an organization authorized to assign CVE IDs to vulnerabilities in its scope. It has published 40 CVE records since 2020.
How many CVEs has OpenVPN published?
OpenVPN has published 40 CVE records, including 22 in the last two years.
What is OpenVPN's CVE data quality grade?
RadicalNotion.AI grades OpenVPN's CVE data quality as D, with an overall completeness score of 68.1%. This reflects how consistently its CVE records include vendor (65%), product (100%), CVSS (7.5%), and CWE (100%) information.
What products does OpenVPN publish CVEs for?
OpenVPN most frequently publishes CVEs for OpenVPN, OpenVPN Access Server, OpenVPN Connect, connect, debian linux.
Which vendors does OpenVPN cover?
OpenVPN publishes CVEs across 2 distinct vendors, most often OpenVPN, fedoraproject, debian, microsoft, OpenVPN Inc.
Is OpenVPN actively publishing CVEs?
OpenVPN is currently active, based on 22 CVEs in the last two years.
What is the average severity of OpenVPN's CVEs?
The average CVSS base score across OpenVPN's scored CVEs is 3.2.
How many critical CVEs has OpenVPN published?
OpenVPN has published 5 critical-severity CVEs and 11 high-severity CVEs.
Are any of OpenVPN's CVEs in CISA's Known Exploited Vulnerabilities catalog?
No. None of OpenVPN's CVEs are currently listed in CISA's Known Exploited Vulnerabilities (KEV) catalog.
What are the most common weakness types in OpenVPN's CVEs?
OpenVPN's CVEs most often map to these CWE weakness types: CWE-305 (Authentication Bypass by Primary Weakness), CWE-754 (Improper Check for Unusual or Exceptional Conditions), CWE-427 (Uncontrolled Search Path Element), CWE-476 (NULL Pointer Dereference).
How does OpenVPN rank among CNAs?
By total CVE volume, OpenVPN ranks #191 of 370 CNAs, and it reports more complete CVE records than 19% of all CNAs.
