OpenVPN

target_in_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
de.blinkt.openvpn GOOGLE_PLAY_APP_ID high high high critical
https://github.com/OpenVPN/easy-rsa SOURCE_CODE high high high critical
https://github.com/OpenVPN/openvpn SOURCE_CODE high high high critical
https://github.com/OpenVPN/openvpn-build SOURCE_CODE high high high critical
https://github.com/OpenVPN/openvpn-gui SOURCE_CODE high high high critical
https://github.com/OpenVPN/openvpn-windows-test SOURCE_CODE high high high critical
https://github.com/OpenVPN/tap-windows SOURCE_CODE high high high critical
https://github.com/OpenVPN/tap-windows6 SOURCE_CODE high high high critical
https://github.com/schwabe/ics-openvpn SOURCE_CODE high high high critical
https://staging.openvpn.net/openvpn3/ SOURCE_CODE high high high critical
https://github.com/OpenVPN/openvpn3 SOURCE_CODE high high high critical
https://github.com/OpenVPN/openvpn3-linux SOURCE_CODE high high high critical

target_out_of_scope

asset_identifier asset_type availability requirement confidentiality requirement eligible for bounty eligible for submission integrity requirement max_severity
*.openvpn.com URL none
Infrastructure issues are outside of the scope for our Hackerone program. We do appreciate getting such reports, but can't give public thanks or bounties for them on the HackerOne platform.
*.openvpn.net URL none
Infrastructure issues are outside of the scope for our Hackerone program. We do appreciate getting such reports, but can't give public thanks or bounties for them on the HackerOne platform.
*.openvpn.org URL none
Infrastructure issues are outside of the scope for our Hackerone program. We do appreciate getting such reports, but can't give public thanks or bounties for them on the HackerOne platform.
*.privatetunnel.com URL none
Infrastructure issues are outside of the scope for our Hackerone program. We do appreciate getting such reports, but can't give public thanks or bounties for them on the HackerOne platform.
Access Server DOWNLOADABLE_EXECUTABLES none
The [OpenVPN Access Server](https://openvpn.net/vpn-server/) is a commercial product and is outside of the scope of our HackerOne program.
https://github.com/OpenVPN/openvpn-windows-test SOURCE_CODE none none none none
Test scripts are outside of the scope of our program
https://github.com/OpenVPN/tap-windows SOURCE_CODE high high high none
Tap-windows is EOL and will not be updated