W1.fi Hostapd 2.9

CPE Details

W1.fi Hostapd 2.9
w1.fi
hostapd
2.9
2019-12-16
17h58 +00:00
2019-12-16
17h58 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:w1.fi:hostapd:2.9:*:*:*:*:*:*:*

Informations

Vendor

w1.fi

Product

hostapd

Version

2.9

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-23303 2022-01-16 23h00 +00:00 The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
9.8
Critical
CVE-2022-23304 2022-01-16 23h00 +00:00 The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
9.8
Critical
CVE-2021-30004 2021-04-01 22h00 +00:00 In wpa_supplicant and hostapd 2.9, forging attacks may occur because AlgorithmIdentifier parameters are mishandled in tls/pkcs1.c and tls/x509v3.c.
5.3
Medium
CVE-2019-16275 2019-09-12 17h07 +00:00 hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
6.5
Medium