{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","type":"deb","namespace":"debian","name":"openvpn","version":"0","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"2.0.2-1","latest_non_vulnerable_version":"2.7.3-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/258154?format=json","vulnerability_id":"VCID-28zy-wt9q-5udk","summary":"The interactive service in OpenVPN 2.6.9 and earlier allows the OpenVPN service pipe to be accessed remotely, which allows a remote attacker to interact with the privileged OpenVPN interactive service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24974","reference_id":"","reference_type":"","scores":[{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93543","published_at":"2026-05-15T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93486","published_at":"2026-04-29T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93489","published_at":"2026-04-24T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93493","published_at":"2026-05-05T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93507","published_at":"2026-05-07T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93518","published_at":"2026-05-11T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93524","published_at":"2026-05-12T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93536","published_at":"2026-05-14T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93428","published_at":"2026-04-02T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93437","published_at":"2026-04-07T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93445","published_at":"2026-04-08T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93449","published_at":"2026-04-09T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93454","published_at":"2026-04-12T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93455","published_at":"2026-04-13T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.93475","published_at":"2026-04-16T12:55:00Z"},{"value":"0.11092","scoring_system":"epss","scoring_elements":"0.9348","published_at":"2026-04-18T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-24974"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.6","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-24974","reference_id":"CVE-2024-24974","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-30T18:38:55Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-24974"},{"reference_url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html","reference_id":"msg07534.html","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-30T18:38:55Z/"}],"url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html"},{"reference_url":"https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/","reference_id":"ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-30T18:38:55Z/"}],"url":"https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2024-24974"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-28zy-wt9q-5udk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/257311?format=json","vulnerability_id":"VCID-5wv8-4q5c-4fev","summary":"OpenVPN before version 2.5.3 on Windows allows local users to load arbitrary dynamic loadable libraries via an OpenSSL configuration file if present, which allows the user to run arbitrary code with the same privilege level as the main OpenVPN process (openvpn.exe).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3606","reference_id":"","reference_type":"","scores":[{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14488","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14551","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14622","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14431","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14519","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14573","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14521","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14483","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14425","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14319","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14317","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14386","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14414","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14388","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14335","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14198","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14348","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14441","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14434","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14476","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.1456","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00047","scoring_system":"epss","scoring_elements":"0.14566","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2021-3606"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2021-3606"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-5wv8-4q5c-4fev"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267260?format=json","vulnerability_id":"VCID-6h6c-h3va-dbfk","summary":"OpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX based platforms allows a remote authenticated server to inject shell commands via DNS variables when --dns-updown is in use","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10680","reference_id":"","reference_type":"","scores":[{"value":"0.00166","scoring_system":"epss","scoring_elements":"0.37783","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41454","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41419","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41436","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41343","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4137","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41444","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41755","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41683","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41732","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41741","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41763","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4173","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41717","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41738","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41664","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41572","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41568","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.41491","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00197","scoring_system":"epss","scoring_elements":"0.4135","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-10680"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-10680","reference_id":"CVE-2025-10680","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-25T03:56:05Z/"}],"url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-10680"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00149.html","reference_id":"msg00149.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-10-25T03:56:05Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00149.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2025-10680"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6h6c-h3va-dbfk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60887?format=json","vulnerability_id":"VCID-7k7e-z4tf-6uc4","summary":"Multiple vulnerabilities have been discovered in OpenVPN, the worst of which could lead to information disclosure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46850","reference_id":"","reference_type":"","scores":[{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83767","published_at":"2026-04-02T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83877","published_at":"2026-04-24T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83884","published_at":"2026-04-26T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83889","published_at":"2026-04-29T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83911","published_at":"2026-05-05T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83932","published_at":"2026-05-07T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83948","published_at":"2026-05-11T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83964","published_at":"2026-05-12T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83782","published_at":"2026-04-04T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83784","published_at":"2026-04-07T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83808","published_at":"2026-04-08T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83814","published_at":"2026-04-09T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.8383","published_at":"2026-04-11T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83824","published_at":"2026-04-12T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83819","published_at":"2026-04-13T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83853","published_at":"2026-04-16T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83852","published_at":"2026-04-18T12:55:00Z"},{"value":"0.02037","scoring_system":"epss","scoring_elements":"0.83851","published_at":"2026-04-21T12:55:00Z"},{"value":"0.03731","scoring_system":"epss","scoring_elements":"0.88117","published_at":"2026-05-14T12:55:00Z"},{"value":"0.03731","scoring_system":"epss","scoring_elements":"0.88124","published_at":"2026-05-15T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46850"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055805","reference_id":"1055805","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055805"},{"reference_url":"https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/","reference_id":"access-server-security-update-cve-2023-46849-cve-2023-46850","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-15T14:59:47Z/"}],"url":"https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2023-46850","reference_id":"CVE-2023-46850","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-15T14:59:47Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2023-46850"},{"reference_url":"https://www.debian.org/security/2023/dsa-5555","reference_id":"dsa-5555","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-15T14:59:47Z/"}],"url":"https://www.debian.org/security/2023/dsa-5555"},{"reference_url":"https://security.gentoo.org/glsa/202409-08","reference_id":"GLSA-202409-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-08"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/","reference_id":"L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-15T14:59:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/","reference_id":"O54I7D753V6PU6XBU26FEROD2DSHEJQ4","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-08-15T14:59:47Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/"},{"reference_url":"https://usn.ubuntu.com/6484-1/","reference_id":"USN-6484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6484-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934121?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934122?format=json","purl":"pkg:deb/debian/openvpn@2.6.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46850"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-7k7e-z4tf-6uc4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/189898?format=json","vulnerability_id":"VCID-9ymq-r7r1-4uh9","summary":"openvpnserv.exe (aka the interactive service helper) in OpenVPN 2.4.x before 2.4.6 allows a local attacker to cause a double-free of memory by sending a malformed request to the interactive service. This could cause a denial-of-service through memory corruption or possibly have unspecified other impact including privilege escalation.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9336","reference_id":"","reference_type":"","scores":[{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2482","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24711","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24788","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24955","published_at":"2026-04-01T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25033","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.25072","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24847","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24915","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24962","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24977","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24937","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24881","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24894","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24888","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24865","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24809","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24797","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.2475","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24627","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24703","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24767","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00087","scoring_system":"epss","scoring_elements":"0.24693","published_at":"2026-05-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-9336"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24","reference_id":"","reference_type":"","scores":[],"url":"https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/OpenVPN/openvpn/commit/1394192b210cb3c6624a7419bcf3ff966742e79b"},{"reference_url":"https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6","reference_id":"","reference_type":"","scores":[],"url":"https://github.com/OpenVPN/openvpn/releases/tag/v2.4.6"},{"reference_url":"https://www.tenable.com/security/research/tra-2018-09","reference_id":"","reference_type":"","scores":[],"url":"https://www.tenable.com/security/research/tra-2018-09"},{"reference_url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761","reference_id":"","reference_type":"","scores":[],"url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2018&m=slackware-security.568761"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*","reference_id":"cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openvpn:openvpn:*:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:13.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:13.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:13.37:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*","reference_id":"cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*","reference_type":"","scores":[],"url":"https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*"},{"reference_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-9336","reference_id":"CVE-2018-9336","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv2","scoring_elements":"AV:L/AC:L/Au:N/C:P/I:P/A:P"},{"value":"7.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://nvd.nist.gov/vuln/detail/CVE-2018-9336"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2018-9336"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9ymq-r7r1-4uh9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66395?format=json","vulnerability_id":"VCID-ayrd-g1eb-h3dt","summary":"OpenVPN: OpenVPN: Local denial of service vulnerability in interactive service agent","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13751.json","reference_id":"","reference_type":"","scores":[{"value":"5.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13751.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13751","reference_id":"","reference_type":"","scores":[{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01158","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.0114","published_at":"2026-05-12T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01145","published_at":"2026-05-11T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01154","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0001","scoring_system":"epss","scoring_elements":"0.01157","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01274","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00011","scoring_system":"epss","scoring_elements":"0.01275","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00016","scoring_system":"epss","scoring_elements":"0.0369","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10815","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10891","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10944","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10946","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10913","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1089","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10755","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10768","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10888","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10849","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10808","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.10747","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00037","scoring_system":"epss","scoring_elements":"0.1099","published_at":"2026-04-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13751"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418624","reference_id":"2418624","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418624"},{"reference_url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-13751","reference_id":"CVE-2025-13751","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:32:17Z/"}],"url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-13751"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00153.html","reference_id":"msg00153.html","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:32:17Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00153.html"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.html","reference_id":"msg00154.html","reference_type":"","scores":[{"value":"1.3","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U/U:Clear"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T16:32:17Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00154.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2025-13751"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ayrd-g1eb-h3dt"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97775?format=json","vulnerability_id":"VCID-hr11-3ew1-4fgk","summary":"OpenVPN version 2.6.1 through 2.6.13 in server mode using TLS-crypt-v2 allows remote attackers to trigger a denial of service by corrupting and replaying network packets in the early handshake phase","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2704","reference_id":"","reference_type":"","scores":[{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66815","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.66825","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6675","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00515","scoring_system":"epss","scoring_elements":"0.6673","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68671","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68689","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68712","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68699","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.6867","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68723","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68625","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.68643","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00572","scoring_system":"epss","scoring_elements":"0.6862","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71772","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71777","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71783","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71768","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71801","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71835","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00686","scoring_system":"epss","scoring_elements":"0.71723","published_at":"2026-04-21T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-2704"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101935","reference_id":"1101935","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1101935"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2025-2704","reference_id":"CVE-2025-2704","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-07T17:20:44Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2025-2704"},{"reference_url":"https://usn.ubuntu.com/7411-1/","reference_id":"USN-7411-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7411-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934123?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934127?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2025-2704"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-hr11-3ew1-4fgk"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/97551?format=json","vulnerability_id":"VCID-junc-6y8j-cbe2","summary":"OpenVPN from 2.6.0 through 2.6.10 in a server role accepts multiple exit notifications from authenticated clients which will extend the validity of a closing session","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-28882","reference_id":"","reference_type":"","scores":[{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57159","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.56997","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57044","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57107","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57055","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.5708","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57093","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57116","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57143","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57157","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57137","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57117","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57144","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.5714","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57118","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57049","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00345","scoring_system":"epss","scoring_elements":"0.57068","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-28882"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074488","reference_id":"1074488","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1074488"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-28882","reference_id":"CVE-2024-28882","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T14:48:10Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-28882"},{"reference_url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html","reference_id":"msg07634.html","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-09T14:48:10Z/"}],"url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html"},{"reference_url":"https://usn.ubuntu.com/6860-1/","reference_id":"USN-6860-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6860-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934123?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u3?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934124?format=json","purl":"pkg:deb/debian/openvpn@2.6.11-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.11-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2024-28882"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-junc-6y8j-cbe2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/243466?format=json","vulnerability_id":"VCID-pspa-n4yc-j7hr","summary":"The interactive service in OpenVPN 2.6.9 and earlier allows an attacker to send data causing a stack overflow which can be used to execute arbitrary code with more privileges.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27459","reference_id":"","reference_type":"","scores":[{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90238","published_at":"2026-05-15T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90174","published_at":"2026-04-29T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90184","published_at":"2026-05-05T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.902","published_at":"2026-05-07T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90211","published_at":"2026-05-09T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90206","published_at":"2026-05-11T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90216","published_at":"2026-05-12T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90229","published_at":"2026-05-14T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90107","published_at":"2026-04-02T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90119","published_at":"2026-04-04T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90123","published_at":"2026-04-07T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90139","published_at":"2026-04-08T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90145","published_at":"2026-04-09T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90153","published_at":"2026-04-11T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90152","published_at":"2026-04-12T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90147","published_at":"2026-04-13T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90164","published_at":"2026-04-18T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90161","published_at":"2026-04-21T12:55:00Z"},{"value":"0.05418","scoring_system":"epss","scoring_elements":"0.90176","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27459"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-27459","reference_id":"CVE-2024-27459","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T15:31:20Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-27459"},{"reference_url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html","reference_id":"msg07534.html","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T15:31:20Z/"}],"url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html"},{"reference_url":"https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/","reference_id":"ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-07-23T15:31:20Z/"}],"url":"https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2024-27459"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-pspa-n4yc-j7hr"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/244104?format=json","vulnerability_id":"VCID-qw3z-yr6x-2uhd","summary":"OpenVPN plug-ins on Windows with OpenVPN 2.6.9 and earlier could be loaded from any directory, which allows an attacker to load an arbitrary plug-in which can be used to interact with the privileged OpenVPN interactive service.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27903","reference_id":"","reference_type":"","scores":[{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.9155","published_at":"2026-05-15T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91489","published_at":"2026-04-29T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91502","published_at":"2026-05-05T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91517","published_at":"2026-05-07T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91526","published_at":"2026-05-09T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91525","published_at":"2026-05-11T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91535","published_at":"2026-05-12T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91542","published_at":"2026-05-14T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.9142","published_at":"2026-04-02T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91429","published_at":"2026-04-04T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91437","published_at":"2026-04-07T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91449","published_at":"2026-04-08T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91456","published_at":"2026-04-09T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91462","published_at":"2026-04-11T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91465","published_at":"2026-04-12T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91463","published_at":"2026-04-13T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91487","published_at":"2026-04-16T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91483","published_at":"2026-04-21T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.91492","published_at":"2026-04-24T12:55:00Z"},{"value":"0.06993","scoring_system":"epss","scoring_elements":"0.9149","published_at":"2026-04-26T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-27903"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.7","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-27903","reference_id":"CVE-2024-27903","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-08T14:29:39Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-27903"},{"reference_url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html","reference_id":"msg07534.html","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-08T14:29:39Z/"}],"url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07534.html"},{"reference_url":"https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/","reference_id":"ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974","reference_type":"","scores":[{"value":"7.2","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2024-07-08T14:29:39Z/"}],"url":"https://openvpn.net/security-advisory/ovpnx-vulnerability-cve-2024-27903-cve-2024-27459-cve-2024-24974/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2024-27903"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qw3z-yr6x-2uhd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/267262?format=json","vulnerability_id":"VCID-qwa7-cv2s-53hp","summary":"Insufficient argument validation in OpenVPN 2.7_alpha1 through 2.7_rc1 allows an attacker to trigger a heap buffer over-read when parsing IP addresses","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12106","reference_id":"","reference_type":"","scores":[{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21189","published_at":"2026-05-05T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21344","published_at":"2026-05-09T12:55:00Z"},{"value":"0.0007","scoring_system":"epss","scoring_elements":"0.21256","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21951","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.2209","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22142","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.22136","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21923","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00073","scoring_system":"epss","scoring_elements":"0.21938","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24216","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24079","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24098","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00083","scoring_system":"epss","scoring_elements":"0.24184","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29872","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29837","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29775","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29963","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29916","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29881","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29836","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00113","scoring_system":"epss","scoring_elements":"0.29785","published_at":"2026-04-13T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-12106"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-12106","reference_id":"CVE-2025-12106","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:49:24Z/"}],"url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-12106"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.html","reference_id":"msg00152.html","reference_type":"","scores":[{"value":"9.1","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-12-01T18:49:24Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2025-12106"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qwa7-cv2s-53hp"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/66391?format=json","vulnerability_id":"VCID-rprb-r52n-7ygu","summary":"OpenVPN: OpenVPN: Improper validation of source IP addresses leads to denial of service","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13086.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-13086.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13086","reference_id":"","reference_type":"","scores":[{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13178","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13442","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13412","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13417","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00044","scoring_system":"epss","scoring_elements":"0.13333","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13879","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13903","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13969","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13994","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13958","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00046","scoring_system":"epss","scoring_elements":"0.13888","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16322","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00052","scoring_system":"epss","scoring_elements":"0.16312","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19203","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27989","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28083","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28041","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.27973","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.28046","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00102","scoring_system":"epss","scoring_elements":"0.2809","published_at":"2026-04-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-13086"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121086","reference_id":"1121086","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1121086"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418671","reference_id":"2418671","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2418671"},{"reference_url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-13086","reference_id":"CVE-2025-13086","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:48:54Z/"}],"url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-13086"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00151.html","reference_id":"msg00151.html","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:48:54Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00151.html"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.html","reference_id":"msg00152.html","reference_type":"","scores":[{"value":"4.6","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-12-03T21:48:54Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00152.html"},{"reference_url":"https://usn.ubuntu.com/7898-1/","reference_id":"USN-7898-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/7898-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934125?format=json","purl":"pkg:deb/debian/openvpn@2.7.0~rc2-2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0~rc2-2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2025-13086"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-rprb-r52n-7ygu"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/60886?format=json","vulnerability_id":"VCID-ttj5-upnp-3qfd","summary":"Multiple vulnerabilities have been discovered in OpenVPN, the worst of which could lead to information disclosure.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46849","reference_id":"","reference_type":"","scores":[{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65172","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.64949","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65029","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65014","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65033","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65046","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65044","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65025","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65073","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65115","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65084","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65105","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65162","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.64976","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.64939","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.64989","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65004","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65021","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65011","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.64983","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65019","published_at":"2026-04-16T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2023-46849"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055805","reference_id":"1055805","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055805"},{"reference_url":"https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/","reference_id":"access-server-security-update-cve-2023-46849-cve-2023-46850","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T14:28:40Z/"}],"url":"https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2023-46849","reference_id":"CVE-2023-46849","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T14:28:40Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2023-46849"},{"reference_url":"https://www.debian.org/security/2023/dsa-5555","reference_id":"dsa-5555","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T14:28:40Z/"}],"url":"https://www.debian.org/security/2023/dsa-5555"},{"reference_url":"https://security.gentoo.org/glsa/202409-08","reference_id":"GLSA-202409-08","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/202409-08"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/","reference_id":"L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T14:28:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L3FS46ANNTAVLIQY56ZKGM5CBTRVBUNE/"},{"reference_url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/","reference_id":"O54I7D753V6PU6XBU26FEROD2DSHEJQ4","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-06-11T14:28:40Z/"}],"url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O54I7D753V6PU6XBU26FEROD2DSHEJQ4/"},{"reference_url":"https://usn.ubuntu.com/6484-1/","reference_id":"USN-6484-1","reference_type":"","scores":[],"url":"https://usn.ubuntu.com/6484-1/"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934121?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u2?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u2%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934122?format=json","purl":"pkg:deb/debian/openvpn@2.6.7-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.7-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2023-46849"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-ttj5-upnp-3qfd"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/224477?format=json","vulnerability_id":"VCID-w1eu-fbhk-pucv","summary":"OpenVPN version 2.4.0 through 2.6.10 on Windows allows an external, lesser privileged process to create a named pipe which the OpenVPN GUI component would connect to allowing it to escalate its privileges","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4877","reference_id":"","reference_type":"","scores":[{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44431","published_at":"2026-05-14T12:55:00Z"},{"value":"0.0022","scoring_system":"epss","scoring_elements":"0.44451","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46308","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46158","published_at":"2026-05-07T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46178","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46117","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46147","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46221","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4624","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46188","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46244","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46246","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4627","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46241","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46251","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46304","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46248","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.4623","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46186","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00234","scoring_system":"epss","scoring_elements":"0.46092","published_at":"2026-05-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2024-4877"},{"reference_url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-4877","reference_id":"CVE-2024-4877","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-04T13:23:24Z/"}],"url":"https://community.openvpn.net/openvpn/wiki/CVE-2024-4877"},{"reference_url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html","reference_id":"msg07634.html","reference_type":"","scores":[{"value":"8.8","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-04T13:23:24Z/"}],"url":"https://www.mail-archive.com/openvpn-users@lists.sourceforge.net/msg07634.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2024-4877"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-w1eu-fbhk-pucv"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/313017?format=json","vulnerability_id":"VCID-xwnt-nju3-yybg","summary":"Insufficient epoch key slot processing in OpenVPN 2.7_alpha1 through 2.7_rc5 allows remote authenticated users to trigger an assert resulting in a denial of service","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15497","reference_id":"","reference_type":"","scores":[{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18177","published_at":"2026-04-04T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.18124","published_at":"2026-04-02T12:55:00Z"},{"value":"0.00057","scoring_system":"epss","scoring_elements":"0.17878","published_at":"2026-04-07T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20558","published_at":"2026-05-15T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20481","published_at":"2026-05-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20457","published_at":"2026-05-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20472","published_at":"2026-05-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20555","published_at":"2026-05-14T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.2061","published_at":"2026-04-08T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20669","published_at":"2026-04-09T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20689","published_at":"2026-04-11T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20646","published_at":"2026-04-12T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20593","published_at":"2026-04-13T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20581","published_at":"2026-04-16T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20579","published_at":"2026-04-18T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20573","published_at":"2026-04-21T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20461","published_at":"2026-04-24T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20458","published_at":"2026-04-26T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20426","published_at":"2026-04-29T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20322","published_at":"2026-05-05T12:55:00Z"},{"value":"0.00067","scoring_system":"epss","scoring_elements":"0.20394","published_at":"2026-05-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2025-15497"},{"reference_url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-15497","reference_id":"CVE-2025-15497","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-30T19:29:17Z/"}],"url":"https://community.openvpn.net/Security%20Announcements/CVE-2025-15497"},{"reference_url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00156.html","reference_id":"msg00156.html","reference_type":"","scores":[{"value":"3.8","scoring_system":"cvssv4","scoring_elements":"CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:H/E:U"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2026-01-30T19:29:17Z/"}],"url":"https://www.mail-archive.com/openvpn-announce@lists.sourceforge.net/msg00156.html"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/934116?format=json","purl":"pkg:deb/debian/openvpn@0?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934104?format=json","purl":"pkg:deb/debian/openvpn@2.5.1-3?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.5.1-3%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934102?format=json","purl":"pkg:deb/debian/openvpn@2.6.3-1%2Bdeb12u4?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.3-1%252Bdeb12u4%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934107?format=json","purl":"pkg:deb/debian/openvpn@2.6.14-1%2Bdeb13u1?distro=trixie","is_vulnerable":true,"affected_by_vulnerabilities":[{"vulnerability":"VCID-m93u-qysb-aqe8"},{"vulnerability":"VCID-pndq-nwkn-cya3"}],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.6.14-1%252Bdeb13u1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934126?format=json","purl":"pkg:deb/debian/openvpn@2.7.0~rc5-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0~rc5-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934105?format=json","purl":"pkg:deb/debian/openvpn@2.7.0-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.0-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/934106?format=json","purl":"pkg:deb/debian/openvpn@2.7.1-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.1-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1076110?format=json","purl":"pkg:deb/debian/openvpn@2.7.2-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.2-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/1081555?format=json","purl":"pkg:deb/debian/openvpn@2.7.3-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@2.7.3-1%3Fdistro=trixie"}],"aliases":["CVE-2025-15497"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-xwnt-nju3-yybg"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/openvpn@0%3Fdistro=trixie"}