CRITICAL 9.8 (CVE-2022-23304): The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of…
from 0, < 2:2.9.0-21+deb11u3
CRITICAL 9.8: wpa - security update
from 0, < 2:2.9.0-21+deb11u3
HIGH 8.1: The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elem…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH 8.1: The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements,…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH 8.1: The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-C…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH 8.1: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK…
from 0, < 2:2.4-1.1
HIGH 7.8: wpa - security update
from 0, < 2:2.9.0-21+deb11u2
HIGH 7.8: wpa - security update
from 0, < 2:2.9.0-21+deb11u2
HIGH 7.8: wpa_supplicant 0.4.0 through 2.5 does not reject \n and \r characters in passphrase parameters, which allows local users to trigger arbitra…
from 0, < 2.3-2.4
HIGH 7.5: wpa - security update
from 0, < 2:2.4-1+deb9u9
HIGH 7.5: wpa - security update
from 0, < 2:2.9.0-21
HIGH 7.5: wpa - security update
from 0, < 2:2.9.0-17
HIGH 7.5: wpa - security update
from 0, < 2:2.4-1+deb9u8
HIGH 7.5: wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-6+deb10u3
HIGH 7.5: wpa - security update
from 0, < 2:2.9.0-16
HIGH 7.5: wpa - security update
from 0, < 2:2.4-1+deb9u7
HIGH 7.5: wpa - security update
from 0, < 2:2.6-7
HIGH 7.5: wpa - security update
from 0, < 2.3-1+deb8u10
HIGH 7.5: An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing th…
from 0, < 2:2.7+git20190128+0c1e29f-4
HIGH 7.5: wpa - security update
from 0, < 2:2.6-7
HIGH 7.5: wpa - security update
from 0, < 2.3-1+deb8u7
HIGH 7.5: wpa - security update
from 0, < 1.0-3+deb7u4
HIGH 7.5: wpa - security update
from 0, < 2.3-2.4
MEDIUM 6.8: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Tunneled Direct-Link Setup (TDLS) Peer Key (TPK) during the TDLS handsha…
from 0, < 2:2.4-1.1
MEDIUM 6.8: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey ha…
from 0
MEDIUM 6.8: wpa - security update
from 0, < 2:2.4-1.1
MEDIUM 6.8: wpa - security update
from 0, < 1.0-3+deb7u5
MEDIUM 6.8: wpa - security update
from 0, < 2.3-1+deb8u5
MEDIUM 6.5: In hostapd 2.10 and earlier, the PKEX code remains active even after a successful PKEX association.
from 0, < 2:2.9.0-21+deb11u3
MEDIUM 6.5: wpa - security update
from 0, < 2:2.9.0-21+deb11u1
MEDIUM 6.5: wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-6+deb10u4
MEDIUM 6.5: An exploitable denial-of-service vulnerability exists in the 802.11w security state handling for hostapd 2.6 connected clients with valid 8…
from 0
MEDIUM 6.5: An exploitable denial-of-service vulnerability exists in the hostapd 2.6, where an attacker could trigger AP to send IAPP location updates…
from 0, < 2:2.9+git20200213+877d9a0-1
MEDIUM 6.5: wpa - security update
from 0, < 2.3-1+deb8u9
MEDIUM 6.5: wpa - security update
from 0, < 2:2.9-2
MEDIUM 6.5: wpa - security update
from 0, < 2.3-1+deb8u6
MEDIUM 6.5: wpa - security update
from 0, < 2:2.6-18
MEDIUM 5.9: wpa - security update
from 0, < 2:2.9-1
MEDIUM 5.9: wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-6+deb10u1
MEDIUM 5.9: wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-5
MEDIUM 5.9: wpa - security update
from 0, < 2.3-1+deb8u8
MEDIUM 5.9: wpa - security update
from 0, < 2:2.4-1+deb9u4
MEDIUM 5.9: The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing difference…
from 0, < 2:2.7+git20190128+0c1e29f-4
MEDIUM 5.9: The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network…
from 0, < 2.3-2.3
MEDIUM 5.9: The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large e…
from 0, < 2.3-2.3
MEDIUM 5.9: The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large…
from 0, < 2.3-2.3
MEDIUM 5.3: In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x…
from 0
MEDIUM 5.3: Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Integrity Group Temporal Key (IGTK) when processing…
from 0, < 2:2.4-1.1
MEDIUM 5.3: Wi-Fi Protected Access (WPA and WPA2) that support 802.11v allows reinstallation of the Group Temporal Key (GTK) when processing a Wireless…
from 0, < 2:2.4-1.1
MEDIUM 5.3: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during th…
from 0, < 2:2.4-1.1
MEDIUM 5.3: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an att…
from 0, < 2:2.4-1.1
MEDIUM 5.3: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during th…
from 0, < 2:2.4-1.1
MEDIUM 5.3: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an atta…
from 0, < 2:2.4-1.1
MEDIUM 4.3: The WNM Sleep Mode code in wpa_supplicant 2.x before 2.6 does not properly ignore key data in response frames when management frame protect…
from 0, < 2.3-2.3
LOW 3.7: wpa - security update
from 0, < 2:2.4-1+deb9u3
LOW 3.7: wpa - security update
from 0, < 2:2.7+git20190128+0c1e29f-4
— Multiple integer overflows in the NDEF record parser in hostapd before 2.5 and wpa_supplicant before 2.5 allow remote attackers to cause a…
from 0, < 2.3-2.2
— The EAP-pwd peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not clear the L (Length) and M (More) flags before deter…
from 0, < 2.3-2.2
— The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate a fragment is already being proc…
from 0, < 2.3-2.2
— The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 does not validate that a message is long enough to…
from 0, < 2.3-2.2
— The EAP-pwd server and peer implementation in hostapd and wpa_supplicant 1.0 through 2.4 allows remote attackers to cause a denial of servi…
from 0, < 2.3-2.2
— hostapd - security update
from 0, < 2.3-2.2
— wpa - security update
from 0, < 2.3-2.2
— wpa - security update
from 0, < 1.0-3+deb7u3
— wpa - security update
from 0, < 2.3-2
— wpa - security update
from 0, < 1.0-3+deb7u2
— wpa - security update
from 0, < 1.0-3+deb7u1
— wpa - security update
from 0, < 2.3-1
— hostapd - denial of service
from 0, < 1.0-3