Opennetworking

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-65568 1Opennetworking 1Upf Jan 7, 2026 Dec 18, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with a...Show more A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and triggers an index-out-of-range panic. An attacker who can send PFCP Session Establishment Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.Show less
CVE-2025-65567 1Opennetworking 1Upf Jan 7, 2026 Dec 18, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreateP...Show more A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The Flow-Description parser (parseFlowDesc) can read beyond the bounds of the provided buffer, causing a panic and terminating the UPF process. An attacker who can send PFCP Session Establishment Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF.Show less
CVE-2025-65565 1Opennetworking 1Upf Jan 7, 2026 Dec 18, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing t...Show more A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID (CPF-SEID) Information Element is not properly validated. The session establishment handler calls IE.FSEID() on a nil pointer, which triggers a panic and terminates the UPF process. An attacker who can send PFCP Session Establishment Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.Show less
CVE-2025-65564 1Opennetworking 1Upf Jan 7, 2026 Dec 18, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcpiface) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stam...Show more A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcpiface) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer via IE.RecoveryTimeStamp() instead of validating the message. This results in a panic and terminates the UPF process. An attacker who can send PFCP Association Setup Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.Show less
CVE-2025-65563 1Opennetworking 1Upf Jan 7, 2026 Dec 18, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing th...Show more A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler dereferences a nil pointer instead of validating the message, causing a panic and terminating the UPF process. An attacker who can send PFCP Association Setup Request messages to the UPF's N4/PFCP endpoint can exploit this issue to repeatedly crash the UPF and disrupt user-plane services.Show less
CVE-2024-53423 1Opennetworking 1Onos Jun 3, 2025 May 29, 2025 N/A· v4 5.6 MEDIUM· v3 N/A· v2 An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets.
CVE-2023-41591 1Opennetworking 1Onos Jun 3, 2025 May 29, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts.
CVE-2025-29312 1Opennetworking 1Onos Apr 1, 2025 Mar 24, 2025 N/A· v4 9.1 CRITICAL· v3 N/A· v2 An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct.
CVE-2025-29311 1Opennetworking 1Onos Apr 1, 2025 Mar 24, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets.
CVE-2025-29310 1Opennetworking 1Onos Apr 1, 2025 Mar 24, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or access network information.
CVE-2024-48809 1Opennetworking 2Onos A1t Sdran In A Box Dec 31, 2025 Nov 4, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifically the DeleteWatcher f...Show more An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifically the DeleteWatcher function.Show less
CVE-2024-31198 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31197 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid...Show more Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31196 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10....Show more Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31195 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31194 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack. This issue aff...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31193 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31192 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue aff...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31191 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0.Show less
CVE-2024-31190 1Opennetworking 1Libfluid Msg Sep 20, 2024 Sep 18, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack. This issue a...Show more Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack. This issue affects libfluid: 0.1.0.Show less

12 3 4 Next