0.7.2

DATE	CVE	VULNERABILITY TITLE	RISK
2019-04-17	CVE-2019-9494	Information Exposure Through Discrepancy vulnerability in multiple products The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. network high complexity w1-fi fedoraproject opensuse synology freebsd CWE-203	5.9
2016-05-09	CVE-2016-4476	Improper Input Validation vulnerability in multiple products hostapd 0.6.7 through 2.5 and wpa_supplicant 0.6.7 through 2.5 do not reject \n and \r characters in passphrase parameters, which allows remote attackers to cause a denial of service (daemon outage) via a crafted WPS operation. network low complexity w1-fi canonical CWE-20	7.5