Skip to main content

Radius Server

4 CVEs product

Monthly

CVE-2019-9499 HIGH PATCH This Week

The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant Fedora Backports Sle +5
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2019-9498 HIGH PATCH This Week

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant Fedora Backports Sle +5
NVD
CVSS 3.1
8.1
EPSS
2.4%
CVE-2019-9495 LOW PATCH Monitor

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant Fedora Backports Sle +5
NVD
CVSS 3.1
3.7
EPSS
3.4%
CVE-2019-9494 MEDIUM PATCH This Month

The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant Fedora Backports Sle +4
NVD
CVSS 3.1
5.9
EPSS
3.7%
EPSS 2% CVSS 8.1
HIGH PATCH This Week

The implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant +7
NVD
EPSS 2% CVSS 8.1
HIGH PATCH This Week

The implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant +7
NVD
EPSS 3% CVSS 3.7
LOW PATCH Monitor

The implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant +7
NVD
EPSS 4% CVSS 5.9
MEDIUM PATCH This Month

The implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Information Disclosure Hostapd Wpa Supplicant +6
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy