Vulnerabilities > Strongswan > Strongswan > 2.8.11
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-31 | CVE-2022-40617 | Resource Exhaustion vulnerability in multiple products strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data. | 7.5 |
| 2019-06-12 | CVE-2019-10155 | Improper Validation of Integrity Check Value vulnerability in multiple products The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. | 3.1 |
| 2018-10-03 | CVE-2018-17540 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate. | 7.5 |
| 2018-05-31 | CVE-2018-5388 | Out-of-bounds Write vulnerability in multiple products In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket. | 6.5 |
| 2017-08-18 | CVE-2017-11185 | NULL Pointer Dereference vulnerability in Strongswan The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature. | 7.5 |
| 2017-06-08 | CVE-2017-9023 | Infinite Loop vulnerability in Strongswan The ASN.1 parser in strongSwan before 5.5.3 improperly handles CHOICE types when the x509 plugin is enabled, which allows remote attackers to cause a denial of service (infinite loop) via a crafted certificate. | 7.5 |
| 2017-06-08 | CVE-2017-9022 | Improper Input Validation vulnerability in multiple products The gmp plugin in strongSwan before 5.5.3 does not properly validate RSA public keys before calling mpz_powm_sec, which allows remote peers to cause a denial of service (floating point exception and process crash) via a crafted certificate. | 7.5 |