CVE-2018-17540

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2018-17540

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17540.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2018-17540

Downstream

ALPINE-CVE-2018-17540

DEBIAN-CVE-2018-17540

DLA-1528-1

DSA-4309-1

SUSE-SU-2019:3056-1

SUSE-SU-2019:3266-1

SUSE-SU-2022:14887-1

UBUNTU-CVE-2018-17540

USN-3774-1

openSUSE-SU-2019:2594-1

openSUSE-SU-2019:2598-1

openSUSE-SU-2024:11411-1

Related

Published

2018-10-03T20:29:09.990Z

Modified

2026-03-15T21:55:20.097224Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

The gmp plugin in strongSwan before 5.7.1 has a Buffer Overflow via a crafted certificate.

References

Affected packages

Git / github.com/strongswan/strongswan

Affected ranges

Type

GIT

Repo

https://github.com/strongswan/strongswan

Events

Introduced

Fixed

04ef28b4df495c4b748e677f670d7f2d0b28fbbf

Database specific

{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "5.7.1"
        }
    ]
}

Affected versions

4.*

4.0.0

4.0.1

4.0.2

4.0.3

4.0.4

4.0.5

4.0.6

4.0.7

4.1.0

4.1.1

4.1.10

4.1.11

4.1.2

4.1.3

4.1.4

4.1.5

4.1.6

4.1.7

4.1.8

4.1.9

4.2.0

4.2.1

4.2.10

4.2.11

4.2.12

4.2.13

4.2.14

4.2.2

4.2.3

4.2.4

4.2.5

4.2.6

4.2.7

4.2.8

4.2.9

4.3.0

4.3.1

4.3.2

4.3.3

4.3.4

4.3.5

4.3.5rc1

4.3.6

4.4.0

4.4.1

4.5.0

4.5.1

4.5.2

4.5.3

4.6.0

4.6.1

4.6.2

4.6.3

5.*

5.0.0

5.0.1

5.0.2

5.0.2dr4

5.0.2rc1

5.0.3

5.0.3dr1

5.0.3dr2

5.0.3dr3

5.0.3rc1

5.0.4

5.1.0

5.1.0dr1

5.1.0dr2

5.1.0rc1

5.1.1

5.1.1dr1

5.1.1dr2

5.1.1dr3

5.1.1dr4

5.1.1rc1

5.1.2

5.1.2.dr2

5.1.2dr1

5.1.2dr3

5.1.2rc1

5.1.2rc2

5.1.3

5.1.3dr1

5.1.3rc1

5.2.0

5.2.0dr1

5.2.0dr2

5.2.0dr3

5.2.0dr4

5.2.0dr5

5.2.0dr6

5.2.0rc1

5.2.1

5.2.1dr1

5.2.1rc1

5.2.2

5.2.2dr1

5.2.2rc1

5.3.0

5.3.0dr1

5.3.0rc1

5.3.1

5.3.1dr1

5.3.1rc1

5.3.2

5.3.3

5.3.3dr1

5.3.3dr3

5.3.3dr4

5.3.3dr5

5.3.3dr6

5.3.3rc2

5.3.4

5.3.4dr1

5.3.4dr2

5.3.4dr3

5.3.4rc1

5.3.5

5.4.0

5.4.0dr1

5.4.0dr2

5.4.0dr3

5.4.0dr4

5.4.0dr5

5.4.0dr6

5.4.0dr7

5.4.0dr8

5.4.0rc1

5.4.1dr1

5.4.1dr2

5.4.1dr3

5.4.1dr4

5.5.0

5.5.0dr1

5.5.0rc1

5.5.1

5.5.1dr1

5.5.1dr2

5.5.1dr3

5.5.1dr4

5.5.1dr5

5.5.1rc1

5.5.1rc2

5.5.2

5.5.2dr1

5.5.2dr2

5.5.2dr3

5.5.2dr4

5.5.2dr5

5.5.2dr6

5.5.2dr7

5.5.2rc1

5.5.3

5.5.3dr1

5.5.3dr2

5.6.0

5.6.0dr1

5.6.0dr2

5.6.0dr3

5.6.0dr4

5.6.0rc1

5.6.0rc2

5.6.1

5.6.1dr1

5.6.1dr2

5.6.1dr3

5.6.1rc1

5.6.2

5.6.2dr1

5.6.2dr2

5.6.2dr3

5.6.2dr4

5.6.2rc1

5.6.3

5.6.3dr1

5.6.3dr2

5.6.3rc1

5.7.0

5.7.0dr1

5.7.0dr2

5.7.0dr3

5.7.0dr4

5.7.0dr5

5.7.0dr6

5.7.0dr8

5.7.0rc1

5.7.0rc2

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17540.json"

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "8.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "9.0"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "16.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    }
]