AZL-74660 CVE-2025-62291 affecting package strongswan for versions less than 5.9.14-8

In the eap-mschapv2 plugin client-side in strongSwan before 6.0.3, a malicious EAP-MSCHAPv2 server can send a crafted message of size 6 through 8, and cause an integer underflow that potentially results in a heap-based buffer overflow...

OPENSUSE-SU-2025:15822-1 strongswan-6.0.4-1.1 on GA media

These are all security issues fixed in the strongswan-6.0.4-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15681-1 strongswan-6.0.3-1.1 on GA media

These are all security issues fixed in the strongswan-6.0.3-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2014-9221

strongSwan 4.5.x through 5.2.x before 5.2.1 allows remote attackers to cause a denial of service invalid pointer dereference via a crafted IKEv2 Key Exchange KE message with Diffie-Hellman DH group 1025...

strongSwan 4.0.0 VPN Detection

Binary data 5312.prm...

strongSwan 2.7.0 VPN Detection

Binary data 5317.prm...

strongSwan/Openswan DoS Vulnerability (Jun 2009)

strongSwan / Openswan is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...