Vulnerabilities in strongSwan
6 resultsCVE-2018-5388—In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaEPSS 4.0%CVE-2018-5389—CVE-2018-5389EPSS 3.0%CVE-2026-25075HIGHstrongSwan 4.5.0 < 6.0.5 EAP-TTLS AVP Parsing Integer UnderflowEPSS 1.0%CVE-2025-62291HIGHIn the eap-mschapv2 plugin (client-side) in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 thEPSS 0.9%CVE-2022-4967HIGHstrongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (EPSS 0.5%CVE-2026-25998HIGHstrongMan vulnerable to private credential recovery due to key and counter reuseEPSS 0.3%