VYPR

onos-a1t

by Open Networking Foundation

CVEs (5)

  • CVE-2023-41591CriMay 29, 2025
    risk 0.64cvss 9.8epss 0.00

    An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts.

  • CVE-2023-30093MedMay 4, 2023
    risk 0.40cvss 6.1epss 0.00

    A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.

  • CVE-2023-24279MedMar 14, 2023
    risk 0.40cvss 6.1epss 0.01

    A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.

  • CVE-2024-53423MedMay 29, 2025
    risk 0.36cvss 5.6epss 0.00

    An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets.

  • CVE-2018-1999020MedJul 23, 2018
    risk 0.36cvss 5.5epss 0.01

    Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). This attack…