A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.
A vulnerability related to certificate verification in TLS-based EAP methods was discovered in strongSwan that results in a denial of service but possibly even remote code execution. Versions 5.9.8 and 5.9.9 may be affected.
A vulnerability related to online certificate revocation checking was discovered in strongSwan that can lead to a denial-of-service attack. All versions may be affected.
A vulnerability in the EAP client implementation was discovered in strongSwan. All versions since 4.1.2 are affected.
A denial-of-service vulnerability in the in-memory certificate cache was discovered in strongSwan. All versions since 4.2.10 are affected.
A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions since 5.6.1 are affected.
A denial-of-service vulnerability in the gmp plugin was discovered in strongSwan. All versions patched with the fix for CVE-2018-16151/2 are affected.
A potential authorization bypass vulnerability in the gmp plugin was discovered in strongSwan. All versions are affected in certain configurations.
A denial-of-service vulnerability in the IKEv2 key derivation if the openssl plugin is used in FIPS mode and HMAC-MD5 is negotiated as PRF was discovered, all strongSwan versions since 5.0.1 may be affected.