strongswan (SUSE:Linux Enterprise Server 15 SP2-LTSS) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 15 SP2-LTSS package strongswan, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2023-41913 — CVSS 9.8 (critical): strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution via a DH public value that exceeds the…
CVE-2021-45079 — CVSS 9.1 (critical): In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and…