| Max CVSS | 5.0 | Min CVSS | 4.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-5388 | 4.0 |
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
|
12-06-2023 - 07:15 | 31-05-2018 - 13:29 | |
| CVE-2018-10811 | 5.0 |
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
|
18-05-2021 - 14:28 | 19-06-2018 - 21:29 | |
| CVE-2018-6459 | 5.0 |
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter.
|
30-03-2020 - 01:15 | 20-02-2018 - 15:29 | |
| CVE-2018-17540 | 5.0 |
The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.
|
01-12-2019 - 01:15 | 03-10-2018 - 20:29 | |
| CVE-2018-16151 | 5.0 |
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verificati
|
01-12-2019 - 01:15 | 26-09-2018 - 21:29 | |
| CVE-2018-16152 | 5.0 |
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature ve
|
01-12-2019 - 01:15 | 26-09-2018 - 21:29 |