Onos
by Onosproject
CVEs (6)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000081 | Cri | 0.64 | 9.8 | 0.08 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution. | |
| CVE-2017-1000080 | Hig | 0.49 | 7.5 | 0.00 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. | |
| CVE-2017-1000079 | Hig | 0.49 | 7.5 | 0.00 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 is vulnerable to a DoS. | |
| CVE-2017-13763 | Hig | 0.42 | 7.5 | 0.00 | Aug 30, 2017 | ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited. | |
| CVE-2017-13762 | Med | 0.40 | 6.1 | 0.01 | Aug 30, 2017 | ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. | |
| CVE-2017-1000078 | Med | 0.40 | 6.1 | 0.00 | Jul 17, 2017 | Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration |