Vulnerabilities (CVE)

Filtered by vendor Openvpn Subscribe

Filtered by product Openvpn

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2017-7479	1 Openvpn	1 Openvpn	2019-10-03	4.0 MEDIUM	6.5 MEDIUM
OpenVPN versions before 2.3.15 and before 2.4.2 are vulnerable to reachable assertion when packet-ID counter rolls over resulting into Denial of Service of server by authenticated attacker.
CVE-2017-7521	1 Openvpn	1 Openvpn	2019-10-03	4.3 MEDIUM	5.9 MEDIUM
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to remote denial-of-service due to memory exhaustion caused by memory leaks and double-free issue in extract_x509_extension().
CVE-2016-6329	1 Openvpn	1 Openvpn	2019-07-09	4.3 MEDIUM	5.9 MEDIUM
OpenVPN, when using a 64-bit block cipher, makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTP-over-OpenVPN session using Blowfish in CBC mode, aka a "Sweet32" attack.
CVE-2017-7522	1 Openvpn	1 Openvpn	2017-07-07	4.0 MEDIUM	6.5 MEDIUM
OpenVPN versions before 2.4.3 and before 2.3.17 are vulnerable to denial-of-service by authenticated remote attacker via sending a certificate with an embedded NULL character.