Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Package Hub 15 SP1 package hostapd, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (7)
CVE-2019-9497 — CVSS 8.1 (high): The implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in…
CVE-2019-9499 — CVSS 8.1 (high): The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported…
CVE-2019-9498 — CVSS 8.1 (high): The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements…
CVE-2017-13082 — CVSS 8.1 (high): Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11r allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key…
CVE-2019-9496 — CVSS 7.5 (high): An invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing…
CVE-2019-9494 — CVSS 5.9 (medium): The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing…
CVE-2019-9495 — CVSS 3.7 (low): The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns…