Search CVE reports


1 – 10 of 50 results


CVE-2026-35334

Medium priority

Some fixes available 3 of 7

Possible NULL-Pointer Dereference in RSA Decryption

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-35333

Medium priority

Some fixes available 3 of 7

Integer Underflow When Handling RADIUS Attributes

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-35332

Medium priority

Some fixes available 3 of 7

NULL-Pointer Dereference When Handling ECDH Public Value in TLS

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-35331

Medium priority

Some fixes available 3 of 7

Accepting Certificates Violating Name Constraints

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-35330

Medium priority

Some fixes available 3 of 7

Integer Underflow When Handling EAP-SIM/AKA Attributes

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-35329

Medium priority

Some fixes available 3 of 7

NULL-Pointer Dereference When Processing Padding in PKCS#7

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-35328

Medium priority

Some fixes available 3 of 7

Infinite Loop When Handling Supported Versions TLS Extension

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2026-25075

Medium priority

Some fixes available 3 of 7

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid...

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2025-62291

Medium priority

Some fixes available 4 of 8

In the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow.

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Fixed Fixed Needs evaluation Needs evaluation

CVE-2022-4967

Medium priority
Fixed

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the...

1 affected package

strongswan

Package 26.04 LTS 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS
strongswan Not affected Fixed Not affected Not affected