Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote attacker could possibly use this issue to bypass access controls.
{ "availability": "No subscription needed", "binaries": [ { "charon-systemd": "5.9.5-2ubuntu2.3", "strongswan-nm": "5.9.5-2ubuntu2.3", "strongswan-libcharon": "5.9.5-2ubuntu2.3", "strongswan-scepclient": "5.9.5-2ubuntu2.3", "libstrongswan": "5.9.5-2ubuntu2.3", "libcharon-extra-plugins": "5.9.5-2ubuntu2.3", "charon-cmd": "5.9.5-2ubuntu2.3", "strongswan-charon": "5.9.5-2ubuntu2.3", "strongswan": "5.9.5-2ubuntu2.3", "libstrongswan-standard-plugins": "5.9.5-2ubuntu2.3", "libcharon-extauth-plugins": "5.9.5-2ubuntu2.3", "strongswan-starter": "5.9.5-2ubuntu2.3", "strongswan-pki": "5.9.5-2ubuntu2.3", "libstrongswan-extra-plugins": "5.9.5-2ubuntu2.3", "strongswan-swanctl": "5.9.5-2ubuntu2.3" } ] }