2.10.4

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-06	CVE-2023-5366	Insufficient Verification of Data Authenticity vulnerability in multiple products A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. local low complexity openvswitch redhat CWE-345	5.5
2023-01-10	CVE-2022-4337	Out-of-bounds Read vulnerability in multiple products An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. network low complexity openvswitch debian CWE-125 critical	9.8
2023-01-10	CVE-2022-4338	Out-of-bounds Read vulnerability in multiple products An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. network low complexity openvswitch debian CWE-125 critical	9.8
2022-08-23	CVE-2021-3905	Memory Leak vulnerability in multiple products A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. network low complexity openvswitch redhat canonical fedoraproject CWE-401	7.5
2021-03-18	CVE-2020-27827	Resource Exhaustion vulnerability in multiple products A flaw was found in multiple versions of OpenvSwitch. network low complexity lldpd-project openvswitch redhat fedoraproject siemens CWE-400	7.5
2021-02-11	CVE-2020-35498	Resource Exhaustion vulnerability in multiple products A vulnerability was found in openvswitch. network low complexity openvswitch debian fedoraproject CWE-400	7.5