opennetworking

Top products

The 15 most recently published vulnerabilities affecting opennetworking.

• CVE-2025-65568A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that incl...7.5Dec 18, 2025
• CVE-2025-65567A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment...7.5Dec 18, 2025
• CVE-2025-65565A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Re...7.5Dec 18, 2025
• CVE-2025-65564A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcpiface) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the manda...7.5Dec 18, 2025
• CVE-2025-65563A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Req...7.5Dec 18, 2025
• CVE-2024-53423An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets.5.6May 29, 2025
• CVE-2023-41591An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts.9.8May 29, 2025
• CVE-2025-29312An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct.9.1Mar 24, 2025
• CVE-2025-29311Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted ...7.5Mar 24, 2025
• CVE-2025-29310An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or acces...9.8Mar 24, 2025
• CVE-2024-48809An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifica...7.5Nov 4, 2024
• CVE-2024-31198Out-of-bounds Read in libfluid_msg library5.3Sep 18, 2024
• CVE-2024-31197Improper Null Termination in libfluid_msg library5.3Sep 18, 2024
• CVE-2024-31196NULL Pointer Dereference in libfluid_msg library5.3Sep 18, 2024
• CVE-2024-31195Out-of-bounds Read in libfluid_msg library6.5Sep 18, 2024