Cloudbase Open Vswitch vulnerabilities
2 known vulnerabilities affecting cloudbase/open_vswitch.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-1668HIGHCVSS 8.2≥ 1.5.0, < 2.13.11≥ 2.14.0, < 2.14.9+5 more2023-04-10
CVE-2023-1668 [HIGH] CWE-670 CVE-2023-1668: A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will instal
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possi
nvd
CVE-2022-32166MEDIUMCVSS 6.1≥ 0.90.0, ≤ 2.5.02022-09-28
CVE-2022-32166 [MEDIUM] CWE-125 CVE-2022-32166: In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
nvd