NVD - Results

Sort results by:

Search Results (Refine Search)

Search Parameters:

Keyword (text search): cpe:2.3:a:openvswitch:openvswitch:1.1.1:*:*:*:*:*:*:*
CPE Name Search: true

There are 5 matching records.

Displaying matches 1 through 5.

Vuln ID	Summary	CVSS Severity
CVE-2023-5366	A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. Published: October 06, 2023; 2:15:12 PM -0400	V4.0:(not available) V3.1: 5.5 MEDIUM V2.0:(not available)
CVE-2022-4338	An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Published: January 10, 2023; 5:15:14 PM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available)
CVE-2022-4337	An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. Published: January 10, 2023; 5:15:13 PM -0500	V4.0:(not available) V3.1: 9.8 CRITICAL V2.0:(not available)
CVE-2021-3905	A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. Published: August 23, 2022; 12:15:10 PM -0400	V4.0:(not available) V3.1: 7.5 HIGH V2.0:(not available)
CVE-2017-14970	In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table." Published: October 01, 2017; 9:29:00 PM -0400	V4.0:(not available) V3.0: 5.9 MEDIUM V2.0: 4.3 MEDIUM