Known Vulnerabilities for Openvswitch by Openvswitch
Listed below are 10 of the newest known vulnerabilities associated with "Openvswitch" by "Openvswitch".
These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.
Data on known vulnerable versions is also displayed based on information from known CPEs
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2021-36980 | Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decod... | 5.5 - MEDIUM | 2021-07-20 | 2023-11-26 |
| CVE-2021-3905 | A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw t... | 7.5 - HIGH | 2022-08-23 | 2023-11-26 |
| CVE-2020-35498 | A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a maliciou... | 7.5 - HIGH | 2021-02-11 | 2023-11-26 |
| CVE-2020-27827 | A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocat... | 7.5 - HIGH | 2021-03-18 | 2023-11-26 |
| CVE-2018-17206 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is aff... | 4.9 - MEDIUM | 2018-09-19 | 2021-08-04 |
| CVE-2018-17205 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. Duri... | 7.5 - HIGH | 2018-09-19 | 2021-08-04 |
| CVE-2018-17204 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp... | 4.3 - MEDIUM | 2018-09-19 | 2021-08-04 |
| CVE-2017-9264 | In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malf... | 9.8 - CRITICAL | 2017-05-29 | 2019-10-03 |
| CVE-2017-9263 | In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undef... | 6.5 - MEDIUM | 2017-05-29 | 2018-01-05 |
| CVE-2017-9214 | In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read t... | 9.8 - CRITICAL | 2017-05-23 | 2021-08-04 |
Known Affected Configurations (CPE V2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Openvswitch | Openvswitch | 2.9.9 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.8 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.7 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.6 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.5 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.4 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.3 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.2 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.1 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.9.0 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.9 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.8 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.7 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.6 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.5 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.4 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.3 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.2 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.11 | All | All | All |
| Application | Openvswitch | Openvswitch | 2.8.10 | All | All | All |