Vulnerabilities > Strongswan > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-31 | CVE-2018-5388 | Out-of-bounds Write vulnerability in multiple products In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | 6.5 |
| 2018-02-20 | CVE-2018-6459 | Improper Verification of Cryptographic Signature vulnerability in Strongswan 5.6.1 The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter. | 5.3 |