Strongswan » Strongswan » 2.5.2 : Security Vulnerabilities, CVEs, (Memory corruption) CVSS score >= 6
The gmp plugin in strongSwan before 5.6.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted RSA signature.
Max CVSS
7.5
EPSS Score
0.74%
Published
2017-08-18
Updated
2018-08-13
In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the socket.
Max CVSS
6.5
EPSS Score
0.57%
Published
2018-05-31
Updated
2023-06-12
2 vulnerabilities found