Debian/strongswan — 79 CVEs · VulnScope

pkg:Debian/strongswan

79 total CVEsCRITICAL8HIGH26MEDIUM4LOW1

✅ Check your installed version

All known vulnerabilities

CRITICAL9.8CVE-2023-41913strongswan - security update
from 0, < 5.7.2-1+deb10u4
CRITICAL9.8CVE-2023-41913strongswan - security update
from 0, < 5.9.1-1+deb11u4
CRITICAL9.8CVE-2023-41913strongswan - security update
from 0, < 5.9.1-1+deb11u4
CRITICAL9.8strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes wi…
from 0, < 5.9.8-4
CRITICAL9.8strongSwan 5.2.2 and 5.3.0 allows remote attackers to cause a denial of service (daemon crash) or execute arbitrary code.
from 0, < 5.3.0-2
CRITICAL9.1strongswan - security update
from 0, < 5.9.1-1+deb11u2
CRITICAL9.1strongswan - security update
from 0, < 5.7.2-1+deb10u2
CRITICAL9.1strongswan - security update
from 0, < 5.5.1-4+deb9u6
HIGH8.1strongswan - security update
from 0, < 5.9.8-5+deb12u2
HIGH8.1strongswan - security update
from 0, < 5.9.1-1+deb11u5
HIGH8.1strongswan - security update
from 0, < 5.9.1-1+deb11u5
HIGH7.5strongswan - security update
from 0, < 5.7.2-1+deb10u3
HIGH7.5strongswan - security update
from 0, < 5.9.1-1+deb11u3
HIGH7.5strongswan - security update
from 0, < 5.9.1-1+deb11u3
HIGH7.5strongswan - security update
from 0, < 5.5.1-4+deb9u5
HIGH7.5strongswan - security update
from 0, < 5.9.1-1+deb11u1
HIGH7.5strongswan - security update
from 0, < 5.9.1-1+deb11u1
HIGH7.5strongswan - security update
from 0, < 5.7.2-1+deb10u1
HIGH7.5strongswan - security update
from 0, < 5.5.1-4+deb9u4
HIGH7.5strongswan - security update
from 0, < 5.2.1-6+deb8u8
HIGH7.5strongswan - security update
from 0, < 5.7.1-1
HIGH7.5In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation b…
from 0, < 5.7.0-1
HIGH7.5strongswan - security update
from 0, < 5.5.1-4+deb9u3
HIGH7.5strongswan - security update
from 0, < 5.2.1-6+deb8u7
HIGH7.5strongswan - security update
from 0, < 5.7.0-1
HIGH7.5strongswan - security update
from 0, < 5.6.3-1
HIGH7.5strongswan - security update
from 0, < 5.2.1-6+deb8u6
HIGH7.5strongswan - security update
from 0, < 4.5.2-1.5+deb7u10
HIGH7.5strongswan - security update
from 0, < 5.2.1-6+deb8u5
HIGH7.5strongswan - security update
from 0, < 5.6.0-1
HIGH7.5The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers…
from 0, < 5.5.1-4
HIGH7.5strongswan - security update
from 0, < 5.5.1-4
HIGH7.5strongswan - security update
from 0, < 5.2.1-6+deb8u3
HIGH7.5strongswan - security update
from 0, < 4.5.2-1.5+deb7u9
MEDIUM6.5strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch…
from 0, < 5.9.6-1
MEDIUM6.5In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exh…
from 0, < 5.6.3-1
MEDIUM5.9The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.
from 0
MEDIUM5.3The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause…
from 0, < 5.6.2-1
LOW3.1The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity…
from 0, < 5.1.0-1
—(no summary)
from 0
—(no summary)
from 0
—(no summary)
from 0
—(no summary)
from 0
—(no summary)
from 0
—(no summary)
from 0
—(no summary)
from 0
—(no summary)
from 0
—strongswan - security update
from 0, < 5.9.1-1+deb11u6
—strongswan - security update
from 0, < 5.9.1-1+deb11u6
—strongswan - security update
from 0, < 5.9.8-5+deb12u3
—strongswan - security update
from 0, < 5.3.3-3
—strongswan - security update
from 0, < 4.4.1-5.8
—strongswan - security update
from 0, < 4.5.2-1.5+deb7u8
—strongswan - security update
from 0, < 5.3.1-1
—strongswan - security update
from 0, < 4.4.1-5.7
—strongswan - security update
from 0, < 4.5.2-1.5+deb7u7
—strongswan - security update
from 0, < 4.5.2-1.5+deb7u6
—strongswan - security update
from 0, < 5.2.1-5
—strongswan - security update
from 0, < 5.1.2-1
—strongswan - security update
from 0, < 4.4.1-5.6
—strongswan - security update
from 0, < 5.1.2-4
—strongswan - security update
from 0, < 4.4.1-5.5
—strongSwan 5.0.2 through 5.1.0 allows remote attackers to cause a denial of service (NULL pointer dereference and charon daemon crash) via…
from 0, < 5.1.0-3
—strongswan - Denial of service and authorization bypass
from 0, < 4.4.1-5.4
—strongswan - Denial of service and authorization bypass
from 0, < 5.1.0-3
—Buffer overflow in the atodn function in strongSwan 2.0.0 through 4.3.4, when Opportunistic Encryption is enabled and an RSA key is being u…
from 0, < 4.3.4-1
—strongswan - authentication bypass
from 0, < 4.4.1-5.3
—strongswan - authentication bypass
from 0, < 4.6.4-7
—strongswan - authentication bypass
from 0, < 4.4.1-5.2
—strongswan - authentication bypass
from 0, < 4.5.2-1.4
—The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the return values of snprintf calls, which a…
from 0, < 4.4.1-1
—The asn1_length function in strongSwan 2.8 before 2.8.11, 4.2 before 4.2.17, and 4.3 before 4.3.3 does not properly handle X.509 certificat…
from 0, < 4.3.2-1.1
—openswan - denial of service
from 0, < 4.2.14-1.2
—charon/sa/tasks/child_create.c in the charon daemon in strongSWAN before 4.3.1 switches the NULL checks for TSi and TSr payloads, which all…
from 0, < 4.2.14-1.1
—strongswan - denial of service
from 0, < 2.8.0+dfsg-1+etch2
—strongswan - denial of service
from 0, < 4.2.14-1.1
—strongswan - denial of service
from 0, < 4.2.14-1
—strongswan - denial of service
from 0, < 2.8.0+dfsg-1+etch1
—strongSwan 4.2.6 and earlier allows remote attackers to cause a denial of service (daemon crash) via an IKE_SA_INIT message with a large nu…
from 0, < 4.2.4-5