Vulnerabilities > Openvswitch

DATE CVE VULNERABILITY TITLE RISK
2024-01-19 CVE-2024-22563 Memory Leak vulnerability in Openvswitch 2.17.8
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.
network
low complexity
openvswitch CWE-401
7.5
2023-10-06 CVE-2023-5366 Insufficient Verification of Data Authenticity vulnerability in multiple products
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules.
local
low complexity
openvswitch redhat CWE-345
5.5
2023-01-10 CVE-2022-4337 Out-of-bounds Read vulnerability in multiple products
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
network
low complexity
openvswitch debian CWE-125
critical
9.8
2023-01-10 CVE-2022-4338 Out-of-bounds Read vulnerability in multiple products
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
network
low complexity
openvswitch debian CWE-125
critical
9.8
2022-08-23 CVE-2021-3905 Memory Leak vulnerability in multiple products
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing.
7.5
2021-07-20 CVE-2021-36980 Use After Free vulnerability in Openvswitch
Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.
local
low complexity
openvswitch CWE-416
5.5
2021-03-18 CVE-2020-27827 Resource Exhaustion vulnerability in multiple products
A flaw was found in multiple versions of OpenvSwitch.
7.5
2021-02-11 CVE-2020-35498 Resource Exhaustion vulnerability in multiple products
A vulnerability was found in openvswitch.
network
low complexity
openvswitch debian fedoraproject CWE-400
7.5
2018-09-19 CVE-2018-17206 Out-of-bounds Read vulnerability in multiple products
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6.
network
low complexity
openvswitch redhat canonical debian CWE-125
4.0
2018-09-19 CVE-2018-17205 Reachable Assertion vulnerability in multiple products
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c.
network
low complexity
openvswitch redhat canonical CWE-617
5.0