Known Vulnerabilities for products from Strongswan
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Strongswan".
These CVEs are retrieved by exact match on listed vendor information (CPE data) and by a keyword search, so that the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed, based on information from known CPEs; each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-41991 | The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with di... | 7.5 - HIGH | 2021-10-18 | 2023-11-07 |
| CVE-2021-41990 | The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signatur... | 7.5 - HIGH | 2021-10-18 | 2023-11-07 |
| CVE-2019-10155 | The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted... | 3.1 - LOW | 2019-06-12 | 2023-11-07 |
| CVE-2018-17540 | The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. | 7.5 - HIGH | 2018-10-03 | 2023-11-07 |
| CVE-2018-16152 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA im... | 7.5 - HIGH | 2018-09-26 | 2023-11-07 |
| CVE-2018-16151 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA im... | 7.5 - HIGH | 2018-09-26 | 2023-11-07 |
| CVE-2018-10811 | strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. | 7.5 - HIGH | 2018-06-19 | 2023-11-07 |
| CVE-2018-6459 | The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote atta... | 5.3 - MEDIUM | 2018-02-20 | 2023-11-07 |
| CVE-2018-5388 | In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead t... | 6.5 - MEDIUM | 2018-05-31 | 2023-11-07 |
| CVE-2017-11185 | The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and ... | 7.5 - HIGH | 2017-08-18 | 2023-11-07 |
| CVE-2017-9023 | The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows rem... | 7.5 - HIGH | 2017-06-08 | 2023-11-07 |
| CVE-2017-9022 | The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allow... | 7.5 - HIGH | 2017-06-08 | 2023-11-07 |
| CVE-2015-8023 | The server implementation of the EAP-MSCHAPv2 protocol in the eap-mschapv2 plugin in strongSwan 4.2.12 through 5.x before 5.3... | 5 - MEDIUM | 2015-11-18 | 2023-11-07 |
| CVE-2015-4171 | strongSwan 4.3.0 through 5.x before 5.3.2 and strongSwan VPN Client before 1.4.6, when using EAP or pre-shared keys for authe... | 2.6 - LOW | 2015-06-10 | 2017-11-08 |
| CVE-2015-3991 | strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code. | 9.8 - CRITICAL | 2017-09-07 | 2023-11-07 |
| CVE-2014-9221 | strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service (invalid pointer dereference... | 5 - MEDIUM | 2015-01-07 | 2023-11-07 |
| CVE-2014-2891 | strongSwan before 5.1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon crash) ... | 5 - MEDIUM | 2014-05-07 | 2023-11-07 |
| CVE-2014-2338 | IKEv2 in strongSwan 4.0.7 before 5.1.3 allows remote attackers to bypass authentication by rekeying an IKE_SA during (1) init... | 6.4 - MEDIUM | 2014-04-16 | 2016-11-28 |
| CVE-2013-6076 | strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daem... | 5 - MEDIUM | 2013-11-02 | 2013-11-21 |
| CVE-2013-6075 | The compare_dn function in utils/identification.c in strongSwan 4.3.3 through 5.1.1 allows (1) remote attackers to cause a de... | 5 - MEDIUM | 2013-11-02 | 2013-11-21 |
Known software with vulnerabilities from Strongswan
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Strongswan | Davici | 0.1 |
| Application | Strongswan | Strongswan | 2.0.0 |
| Application | Strongswan | Strongswan Vpn Client | 1.4.5 |