Msrc Cm1 Strongswan 5.7.2-4 On Cbl Mariner 1.0 vulnerabilities
2 known vulnerabilities affecting msrc/cm1_strongswan_5.7.2-4_on_cbl_mariner_1.0.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2021-41990HIGHCVSS 7.52021-10-12
CVE-2021-41990 [HIGH] CWE-190 The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example this can be triggered by an unrelated self-signed CA certifi
The gmp plugin in strongSwan before 5.9.4 has a remote integer overflow via a crafted certificate with an RSASSA-PSS signature. For example this can be triggered by an unrelated self-signed CA certificate sent by an initiator. Remote code execution cannot occur.
FAQ:
msrc
CVE-2021-41991HIGHCVSS 7.52021-10-12
CVE-2021-41991 [HIGH] CWE-190 The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of
The in-memory certificate cache in strongSwan before 5.9.4 has a remote integer overflow upon receiving many requests with different certificates to fill the cache and later trigger the replacement of cache entries. The code attempts to select a less-often-used cache e
msrc