Vendor
Onosproject
Products
1
CVEs
6
Across products
6
Status
Private
Products
1- 6 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2017-1000081 | Cri | 0.64 | 9.8 | 0.08 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 is vulnerable to unauthenticated upload of applications (.oar) resulting in remote code execution. | |
| CVE-2017-1000080 | Hig | 0.49 | 7.5 | 0.00 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 allows unauthenticated use of websockets. | |
| CVE-2017-1000079 | Hig | 0.49 | 7.5 | 0.00 | Jul 17, 2017 | Linux foundation ONOS 1.9.0 is vulnerable to a DoS. | |
| CVE-2017-13763 | Hig | 0.42 | 7.5 | 0.00 | Aug 30, 2017 | ONOS versions 1.8.0, 1.9.0, and 1.10.0 do not restrict the amount of memory allocated. The Netty payload size is not limited. | |
| CVE-2017-13762 | Med | 0.40 | 6.1 | 0.01 | Aug 30, 2017 | ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS. | |
| CVE-2017-1000078 | Med | 0.40 | 6.1 | 0.00 | Jul 17, 2017 | Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration |