📦 Strongswan

Name: Strongswan
Author: Strongswan

by Strongswan

🔍 What is Strongswan?

Description coming soon...

🛡️ Security Overview

Click on a severity to filter vulnerabilities

⚠️ Known Vulnerabilities

CVE-2023-41913

CRITICAL CVSS 9.8 Dec 7, 2023

This vulnerability in strongSwan allows unauthenticated remote attackers to execute arbitrary code via a buffer overflow in the charon-tkm DH proxy. Attackers can trigger this by sending a crafted IKE...

CVE-2021-45079

CRITICAL CVSS 9.1 Jan 31, 2022

This vulnerability in strongSwan allows a malicious VPN responder to bypass authentication by sending an EAP-Success message prematurely. Attackers can establish unauthorized VPN connections without p...

CVE-2022-4967

HIGH CVSS 7.7 May 14, 2024

CVE-2022-4967 is an authorization bypass vulnerability in strongSwan VPN software where clients can authenticate with trusted certificates but claim arbitrary identities, bypassing identity-based acce...

CVE-2021-41990

HIGH CVSS 7.5 Oct 18, 2021

CVE-2021-41990 is an integer overflow vulnerability in the gmp plugin of strongSwan VPN software. Attackers can trigger this by sending a specially crafted certificate with an RSASSA-PSS signature, po...