Vulnerabilities > Openvswitch > Openvswitch > 1.3.0

DATE CVE VULNERABILITY TITLE RISK
2023-10-06 CVE-2023-5366 Insufficient Verification of Data Authenticity vulnerability in multiple products
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules.
local
low complexity
openvswitch redhat CWE-345
5.5
2023-01-10 CVE-2022-4337 An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
network
low complexity
openvswitch debian
critical
9.8
2023-01-10 CVE-2022-4338 An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
network
low complexity
openvswitch debian
critical
9.8
2022-08-23 CVE-2021-3905 Memory Leak vulnerability in multiple products
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing.
7.5
2017-10-02 CVE-2017-14970 Missing Release of Resource after Effective Lifetime vulnerability in Openvswitch
In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages.
network
high complexity
openvswitch CWE-772
5.9