Search CVE reports

1 – 10 of 42 results

Detailed view

Sort by:

CVE-2025-62291

Medium priority

Some fixes available 4 of 8

Buffer Overflow When Handling EAP-MSCHAPv2 Failure Requests

1 affected package

strongswan

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
strongswan	Fixed	Fixed	Needs evaluation	Needs evaluation

strongSwan versions 5.9.2 through 5.9.5 are affected by authorization bypass through improper validation of certificate with host mismatch (CWE-297). When certificates are used to authenticate clients in TLS-based EAP methods, the...

1 affected package

strongswan

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
strongswan	Not affected	Fixed	Not affected	Not affected

CVE-2024-3661

High priority

Ignored

DHCP can add routes to a client’s routing table via the classless static route option (121). VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An...

29 affected packages

tinc, vpnc, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
tinc	Ignored	Ignored	Ignored	Ignored
vpnc	Ignored	Ignored	Ignored	Ignored
connman	Ignored	Ignored	Ignored	Ignored
gadmin-openvpn-client	Not in release	Not in release	Ignored	Ignored
gadmin-openvpn-server	Not in release	Not in release	Ignored	Ignored
golang-github-apparentlymart-go-openvpn-mgmt	Ignored	Ignored	Ignored	—
kvpnc	Not in release	Not in release	Not in release	Ignored
libreswan	Ignored	Ignored	Ignored	Ignored
mozillavpn	Not in release	Ignored	Not in release	—
n2n	Ignored	Ignored	Ignored	Ignored
network-manager-fortisslvpn	Ignored	Ignored	Ignored	Ignored
network-manager-iodine	Ignored	Ignored	Ignored	Ignored
network-manager-l2tp	Ignored	Ignored	Ignored	Ignored
network-manager-openconnect	Ignored	Ignored	Ignored	Ignored
network-manager-openvpn	Ignored	Ignored	Ignored	Ignored
network-manager-pptp	Ignored	Ignored	Ignored	Ignored
network-manager-sstp	Ignored	Ignored	Not in release	—
network-manager-strongswan	Ignored	Ignored	Ignored	Ignored
network-manager-vpnc	Ignored	Ignored	Ignored	Ignored
openconnect	Ignored	Ignored	Ignored	Ignored
openfortivpn	Ignored	Ignored	Ignored	Ignored
openvpn	Ignored	Ignored	Ignored	Ignored
pptp-linux	Ignored	Ignored	Ignored	Ignored
pptpd	Not in release	Ignored	Ignored	Ignored
quicktun	Ignored	Ignored	Ignored	Ignored
riseup-vpn	Ignored	Not in release	Not in release	—
softether-vpn	Ignored	Ignored	Not in release	—
sshuttle	Ignored	Ignored	Ignored	Ignored
wireguard	Ignored	Ignored	Ignored	Ignored

CVE-2023-41913

Medium priority

Fixed

strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the internal buffer in charon-tkm's DH proxy. The earliest affected version is 5.3.0. An attack...

1 affected package

strongswan

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
strongswan	—	Fixed	Fixed	Fixed

CVE-2023-36673

Medium priority

Ignored

An issue was discovered in Avira Phantom VPN through 2.23.1 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel,...

31 affected packages

wireguard, connman, gadmin-openvpn-client, gadmin-openvpn-server, golang-github-apparentlymart-go-openvpn-mgmt...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wireguard	Not affected	Not affected	Not affected	Not affected
connman	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected
mozillavpn	Not in release	Not affected	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected
network-manager-iodine	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected
openconnect	Not affected	Not affected	Not affected	Not affected
openfortivpn	Not affected	Not affected	Not affected	Not affected
openvpn	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected
riseup-vpn	Not affected	Not in release	Not in release	Not in release
softether-vpn	Not affected	Not affected	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release

CVE-2023-36672

Medium priority

Ignored

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that traffic to the local network is sent in plaintext outside the VPN tunnel even if...

31 affected packages

wireguard, n2n, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wireguard	Ignored	Ignored	Not affected	Ignored
n2n	Not affected	Not affected	Not affected	Not affected
connman	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected
openfortivpn	Not affected	Not affected	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected
mozillavpn	Not in release	Not affected	Not in release	Not in release
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected
network-manager-iodine	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected
openconnect	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected
riseup-vpn	Not affected	Not in release	Not in release	Not in release
softether-vpn	Not affected	Not affected	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release
openvpn	Not affected	Not affected	Not affected	Not affected

CVE-2023-36671

Medium priority

Ignored

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN...

31 affected packages

wireguard, tinc, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wireguard	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected
connman	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release
kvpnc	Not in release	Not in release	Not in release	Not affected
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected
mozillavpn	Not in release	Not affected	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected
network-manager-iodine	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected
openconnect	Not affected	Not affected	Not affected	Not affected
openfortivpn	Not affected	Not affected	Not affected	Not affected
openvpn	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected
riseup-vpn	Not affected	Not in release	Not in release	Not in release
softether-vpn	Not affected	Not affected	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release

CVE-2023-35838

Medium priority

Ignored

The WireGuard client 0.5.3 on Windows insecurely configures the operating system and firewall such that traffic to a local network that uses non-RFC1918 IP addresses is blocked. This allows an adversary to trick the victim into...

31 affected packages

wireguard, kvpnc, connman, gadmin-openvpn-client, gadmin-openvpn-server...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
wireguard	Ignored	Ignored	Ignored	Ignored
kvpnc	Not in release	Not in release	Not in release	Not affected
connman	Not affected	Not affected	Not affected	Not affected
gadmin-openvpn-client	Not in release	Not in release	Not affected	Not affected
gadmin-openvpn-server	Not in release	Not in release	Not affected	Not affected
golang-github-apparentlymart-go-openvpn-mgmt	Not affected	Not affected	Not affected	Not in release
l2tp-ipsec-vpn-daemon	Not in release	Not in release	Not in release	Not in release
l2tp-ipsec-vpn	Not in release	Not in release	Not in release	Not in release
libreswan	Not affected	Not affected	Not affected	Not affected
mozillavpn	Not in release	Not affected	Not in release	Not in release
n2n	Not affected	Not affected	Not affected	Not affected
network-manager-fortisslvpn	Not affected	Not affected	Not affected	Not affected
network-manager-iodine	Not affected	Not affected	Not affected	Not affected
network-manager-l2tp	Not affected	Not affected	Not affected	Not affected
network-manager-openconnect	Not affected	Not affected	Not affected	Not affected
network-manager-openvpn	Not affected	Not affected	Not affected	Not affected
network-manager-pptp	Not affected	Not affected	Not affected	Not affected
network-manager-sstp	Not affected	Not affected	Not in release	Not in release
network-manager-strongswan	Not affected	Not affected	Not affected	Not affected
network-manager-vpnc	Not affected	Not affected	Not affected	Not affected
openconnect	Not affected	Not affected	Not affected	Not affected
openfortivpn	Not affected	Not affected	Not affected	Not affected
pptp-linux	Not affected	Not affected	Not affected	Not affected
quicktun	Not affected	Not affected	Not affected	Not affected
riseup-vpn	Not affected	Not in release	Not in release	Not in release
softether-vpn	Not affected	Not affected	Not in release	Not in release
sshuttle	Not affected	Not affected	Not affected	Not affected
tinc	Not affected	Not affected	Not affected	Not affected
vpnc	Not affected	Not affected	Not affected	Not affected
zentyal-openvpn	Not in release	Not in release	Not in release	Not in release
openvpn	Not affected	Not affected	Not affected	Not affected

CVE-2023-26463

High priority

Fixed

strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an...

1 affected package

strongswan

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
strongswan	—	Not affected	Not affected	Not affected

CVE-2022-40617

Medium priority

Fixed

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under...

1 affected package

strongswan

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
strongswan	Fixed	Fixed	Fixed	Fixed

Export to JSON

Results by page: