VYPR

Openvswitch

by Openvswitch

CVEs (24)

  • CVE-2020-35498Feb 11, 2021
    risk 0.00cvss epss 0.08

    A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The…

  • CVE-2018-17205HigSep 19, 2018
    risk 0.00cvss 7.5epss 0.03

    An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a…

  • CVE-2018-17204MedSep 19, 2018
    risk 0.00cvss 4.3epss 0.02

    An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries…

  • CVE-2012-3449Aug 7, 2012
    risk 0.00cvss epss 0.00

    Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.

Page 2 of 2