Search CVE reports
1 – 10 of 41 results
CVE-2022-4967
Medium prioritystrongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the...
1 affected package
strongswan
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
strongswan | Not affected | Fixed | Not affected | Not affected | Not affected |
CVE-2024-3661
Medium priorityDHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...
29 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
gadmin-openvpn-client | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
gadmin-openvpn-server | Not in release | Not in release | Vulnerable | Vulnerable | Vulnerable |
golang-github-apparentlymart-go-openvpn-mgmt | Vulnerable | Vulnerable | Vulnerable | — | — |
kvpnc | Not in release | Not in release | Not in release | Vulnerable | Vulnerable |
libreswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
mozillavpn | Not in release | Vulnerable | Not in release | — | — |
n2n | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-fortisslvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
network-manager-iodine | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-l2tp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
network-manager-openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-pptp | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-sstp | Vulnerable | Vulnerable | Not in release | — | — |
network-manager-strongswan | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
network-manager-vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
openvpn | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
pptp-linux | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
pptpd | Not in release | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
quicktun | Vulnerable | Vulnerable | Vulnerable | Vulnerable | — |
riseup-vpn | Vulnerable | Not in release | Not in release | — | — |
softether-vpn | Vulnerable | Vulnerable | Not in release | — | — |
sshuttle | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
tinc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
vpnc | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
wireguard | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2023-41913
Medium prioritystrongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack...
1 affected package
strongswan
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
strongswan | — | Fixed | Fixed | Fixed | Fixed |
CVE-2023-36673
Medium priorityAn issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Not affected | Not affected | Not affected | Not affected | Not affected |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-36672
Medium priorityAn issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Ignored | Ignored | Ignored | Ignored | Ignored |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-36671
Medium priorityAn issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Not affected | Not affected | Not affected | Not affected | Not affected |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-35838
Medium priorityThe WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...
31 affected packages
connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt, kvpnc...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
connman | Not affected | Not affected | Not affected | Not affected | Not affected |
gadmin-openvpn-client | Not in release | Not in release | Not affected | Not affected | Not affected |
gadmin-openvpn-server | Not in release | Not in release | Not affected | Not affected | Not affected |
golang-github-apparentlymart-go-openvpn-mgmt | Not affected | Not affected | Not affected | Not in release | Not in release |
kvpnc | Not in release | Not in release | Not in release | Not affected | Not affected |
l2tp-ipsec-vpn | Not in release | Not in release | Not in release | Not in release | Not in release |
l2tp-ipsec-vpn-daemon | Not in release | Not in release | Not in release | Not in release | Not in release |
libreswan | Not affected | Not affected | Not affected | Not affected | Not in release |
mozillavpn | Not in release | Not affected | Not in release | Not in release | Not in release |
n2n | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-fortisslvpn | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-iodine | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-l2tp | Not affected | Not affected | Not affected | Not affected | Not in release |
network-manager-openconnect | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-pptp | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-sstp | Not affected | Not affected | Not in release | Not in release | Not in release |
network-manager-strongswan | Not affected | Not affected | Not affected | Not affected | Not affected |
network-manager-vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
openconnect | Not affected | Not affected | Not affected | Vulnerable | Vulnerable |
openfortivpn | Not affected | Not affected | Not affected | Not affected | Not in release |
openvpn | Not affected | Not affected | Not affected | Not affected | Not affected |
pptp-linux | Not affected | Not affected | Not affected | Not affected | Not affected |
quicktun | Not affected | Not affected | Not affected | Not affected | Not in release |
riseup-vpn | Not affected | Not in release | Not in release | Not in release | Not in release |
softether-vpn | Vulnerable | Vulnerable | Not in release | Not in release | Not in release |
sshuttle | Not affected | Not affected | Not affected | Not affected | Not affected |
tinc | Not affected | Not affected | Not affected | Not affected | Not affected |
vpnc | Not affected | Not affected | Not affected | Not affected | Not affected |
wireguard | Ignored | Ignored | Ignored | Ignored | Ignored |
zentyal-openvpn | Not in release | Not in release | Not in release | Not in release | Not in release |
CVE-2023-26463
High prioritystrongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an...
1 affected package
strongswan
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
strongswan | — | Not affected | Not affected | Not affected | Not affected |
CVE-2022-40617
Medium prioritystrongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under...
1 affected package
strongswan
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
strongswan | Fixed | Fixed | Fixed | Fixed | Fixed |
CVE-2021-45079
High prioritySome fixes available 11 of 12
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for...
1 affected package
strongswan
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
strongswan | Fixed | Fixed | Fixed | Fixed | Fixed |