A vulnerability in the gmp plugin related to RSA decryption was discovered in strongSwan that can result in a crash. All versions since 4.3.2 are affected.
A vulnerability in the gmp plugin related to RSA decryption was discovered in strongSwan that can result in a crash. All versions since 4.3.2 are affected.
A vulnerability in libradius related to the processing of RADIUS attributes was discovered in strongSwan that can result in an infinite loop or an out-of-bounds read that may cause a crash. All versions since 4.2.14 are affected.
A vulnerability in libtls related to the processing of ECDH public values in TLS < 1.3 was discovered in strongSwan that can result in a crash. All versions since 4.5.0 are affected.
A vulnerability in the constraints plugin related to the processing of X.509 name constraints was discovered in strongSwan that can allow authentication with certificates that violate the constraints. All versions since 4.5.1 are affected.
A vulnerability in libsimaka related to the processing of certain EAP-SIM/AKA attributes was discovered in strongSwan that can result in an infinite loop or a heap-based buffer overflow and potentially remote code execution. All versions since 4.3.6 are affected.
A vulnerability in libstrongswan and the pkcs7 plugin related to the processing of encrypted PKCS#7 containers was discovered in strongSwan that can result in a crash. All versions since 5.0.2 are affected.
A vulnerability in the eap-ttls plugin related to processing EAP-TTLS AVPs was discovered in strongSwan that can result in resource exhaustion or a crash. All versions since 4.5.0 are affected.
A vulnerability in the NetworkManager plugin that potentially allows using credentials of other local users was discovered in strongSwan. All versions are affected.