Vulnerabilities > Openvpn > Connect > 3.2.4

DATE CVE VULNERABILITY TITLE RISK
2024-01-08 CVE-2023-7224 Code Injection vulnerability in Openvpn Connect
OpenVPN Connect version 3.0 through 3.4.6 on macOS allows local users to execute code in external third party libraries using the DYLD_INSERT_LIBRARIES environment variable
local
low complexity
openvpn CWE-94
7.8
2023-10-17 CVE-2022-3761 Improper Certificate Validation vulnerability in Openvpn Connect
OpenVPN Connect versions before 3.4.0.4506 (macOS) and OpenVPN Connect before 3.4.0.3100 (Windows) allows man-in-the-middle attackers to intercept configuration profile download requests which contains the users credentials
network
high complexity
openvpn CWE-295
5.9
2021-03-30 CVE-2020-15075 Link Following vulnerability in Openvpn Connect
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it should not have access via symlinks in /tmp.
local
low complexity
openvpn CWE-59
7.1