Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openvswitch
(Openvswitch)| Repositories | https://github.com/openvswitch/ovs |
| #Vulnerabilities | 21 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-07-03 | CVE-2016-2074 | Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. | Openvswitch, Openshift | 9.8 | ||
| 2017-05-29 | CVE-2016-10377 | In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch. | Openvswitch | 8.8 | ||
| 2012-08-07 | CVE-2012-3449 | Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files. | Openvswitch | N/A |