Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Onos
(Onosproject)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 13 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-09 | CVE-2018-1000614 | ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller without authentication.. This attack appear to be exploitable via crafted protocol message. | Onos | 9.8 | ||
| 2017-08-29 | CVE-2017-13762 | ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. | Onos | 6.1 | ||
| 2017-08-24 | CVE-2015-7516 | ONOS before 1.5.0 when using the ifwd app allows remote attackers to cause a denial of service (NULL pointer dereference and switch disconnect) by sending two Ethernet frames with ether_type Jumbo Frame (0x8870). | Onos | 7.5 |