Vulnerabilities > Opennetworking > Onos > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-20 | CVE-2021-38364 | Incorrect Comparison vulnerability in Opennetworking Onos 2.5.1 An issue was discovered in ONOS 2.5.1. | 6.5 |
| 2023-04-20 | CVE-2022-24109 | Resource Exhaustion vulnerability in Opennetworking Onos 2.5.1 An issue was discovered in ONOS 2.5.1. | 6.5 |
| 2023-04-20 | CVE-2022-29609 | Always-Incorrect Control Flow Implementation vulnerability in Opennetworking Onos 2.5.1 An issue was discovered in ONOS 2.5.1. | 5.3 |
| 2023-04-20 | CVE-2022-29944 | Incorrect Comparison vulnerability in Opennetworking Onos 2.5.1 An issue was discovered in ONOS 2.5.1. | 5.3 |
| 2023-03-14 | CVE-2023-24279 | Cross-site Scripting vulnerability in Opennetworking Onos A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard. | 6.1 |
| 2018-07-23 | CVE-2018-1999020 | Path Traversal vulnerability in Opennetworking Onos Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). | 5.5 |