Openswan Xelerance Openswan

Do you want an email whenever new security vulnerabilities are reported in Xelerance Openswan?

By the Year

In 2022 there have been 0 vulnerabilities in Xelerance Openswan . Openswan did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 1 3.10
2018 1 7.50

It may take a day or so for new Openswan vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Xelerance Openswan Security Vulnerabilities

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets

CVE-2019-10155 3.1 - Low - June 12, 2019

The Libreswan Project has found a vulnerability in the processing of IKEv1 informational exchange packets which are encrypted and integrity protected using the established IKE SA encryption and integrity keys, but as a receiver, the integrity check value was not verified. This issue affects versions before 3.29.

Improper Input Validation

In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1

CVE-2018-15836 7.5 - High - September 26, 2018

In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used.

Improper Verification of Cryptographic Signature

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Xelerance Openswan or by Xelerance? Click the Watch button to subscribe.

Xelerance
Vendor

subscribe