VYPR
Vendor

Ovn Org

Products
1
CVEs
4
Across products
4
Status
Private

Products

1

Recent CVEs

4
  • CVE-2026-5367HigApr 24, 2026
    risk 0.56cvss 8.6epss 0.01

    A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds…

  • CVE-2025-0650HigJan 23, 2025
    risk 0.53cvss 8.1epss 0.01

    A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can…

  • CVE-2026-5265MedApr 24, 2026
    risk 0.42cvss 6.5epss 0.01

    When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length (ip_tot_len for IPv4, ip6_plen for IPv6) without validating it against the…

  • CVE-2024-2182MedMar 12, 2024
    risk 0.42cvss 6.5epss 0.01

    A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a…