By the Year
In 2022 there have been 0 vulnerabilities in Xelerance Openswan . Openswan did not have any published security vulnerabilities last year.
It may take a day or so for new Openswan vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Xelerance Openswan Security Vulnerabilities
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets
3.1 - Low
- June 12, 2019
The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.
Improper Input Validation
In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 184.108.40.206
7.5 - High
- September 26, 2018
In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 220.127.116.11, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used.
Improper Verification of Cryptographic Signature