W1.fi Hostapd 2.8

CPE Details

W1.fi Hostapd 2.8
w1.fi
hostapd
2.8
2019-07-20
16h16 +00:00
2019-07-20
16h16 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:w1.fi:hostapd:2.8:*:*:*:*:*:*:*

Informations

Vendor

w1.fi

Product

hostapd

Version

2.8

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-23303 2022-01-16 23h00 +00:00 The implementations of SAE in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9494.
9.8
Critical
CVE-2022-23304 2022-01-16 23h00 +00:00 The implementations of EAP-pwd in hostapd before 2.10 and wpa_supplicant before 2.10 are vulnerable to side-channel attacks as a result of cache access patterns. NOTE: this issue exists because of an incomplete fix for CVE-2019-9495.
9.8
Critical
CVE-2019-16275 2019-09-12 17h07 +00:00 hostapd before 2.10 and wpa_supplicant before 2.10 allow an incorrect indication of disconnection in certain situations because source address validation is mishandled. This is a denial of service that should have been prevented by PMF (aka management frame protection). The attacker must send a crafted 802.11 frame from a location that is within the 802.11 communications range.
6.5
Medium
CVE-2019-13377 2019-08-15 14h05 +00:00 The implementations of SAE and EAP-pwd in hostapd and wpa_supplicant 2.x through 2.8 are vulnerable to side-channel attacks as a result of observable timing differences and cache access patterns when Brainpool curves are used. An attacker may be able to gain leaked information from a side-channel attack that can be used for full password recovery.
5.9
Medium