Vulnerabilities > Openvswitch
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-19 | CVE-2024-22563 | Memory Leak vulnerability in Openvswitch 2.17.8 openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c. | 7.5 |
| 2023-10-06 | CVE-2023-5366 | Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. | 5.5 |
| 2023-01-10 | CVE-2022-4337 | An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
| 2023-01-10 | CVE-2022-4338 | An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
| 2022-09-08 | CVE-2019-25076 | Unspecified vulnerability in Openvswitch The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack. | 5.8 |
| 2022-08-29 | CVE-2022-0669 | A flaw was found in dpdk. | 6.5 |
| 2022-08-23 | CVE-2021-3905 | Memory Leak vulnerability in multiple products A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. | 7.5 |
| 2021-07-20 | CVE-2021-36980 | Use After Free vulnerability in Openvswitch Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action. | 5.5 |
| 2021-03-18 | CVE-2020-27827 | A flaw was found in multiple versions of OpenvSwitch. | 7.5 |
| 2021-02-11 | CVE-2020-35498 | A vulnerability was found in openvswitch. | 7.5 |