232 matches found
EUVD-2025-8015
Malicious code in bioql PyPI...
EUVD-2022-2423
Malicious code in bioql PyPI...
EUVD-2022-48776
Malicious code in bioql PyPI...
EUVD-2024-37029
Malicious code in bioql PyPI...
EUVD-2024-2707
Malicious code in bioql PyPI...
EUVD-2022-3970
Malicious code in bioql PyPI...
EUVD-2025-8014
Malicious code in bioql PyPI...
EUVD-2022-48774
Malicious code in bioql PyPI...
CVE-2024-46942
In OpenDaylight Model-Driven Service Abstraction Layer MD-SAL through 13.0.1, a controller with a follower role can configure flow entries in an OpenDaylight clustering deployment...
CVE-2024-46943
An issue was discovered in OpenDaylight Authentication, Authorization and Accounting AAA through 0.19.3. A rogue controller can join a cluster to impersonate an offline peer, even if this rogue controller does not possess the complete cluster configuration information...
Denial Of Service (DoS)
OpenDaylight Service Function Chaining SFC is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of name resolution or references and allows an attacker to exploit incorrect resolutions to cause a Denial of Service DoS...
CVE-2025-29313
Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...
CVE-2025-29315
An issue in the Shiro-based RBAC Role-based Access Control mechanism of OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to execute privileged operations via a crafted request...
CVE-2025-29314
Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...
Improper Authorization
Overview Affected versions of this package are vulnerable to Improper Authorization via the Shiro-based RBAC mechanism. An attacker can execute privileged operations by sending a crafted request. Remediation There is no fixed version for org.opendaylight.sfc:sfc-provider. References - Vulnerabili...
OpenDaylight SFC Allows Unauthorized Privileged Execution via Crafted Request
An issue in the Shiro-based RBAC Role-based Access Control mechanism of OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to execute privileged operations via a crafted request...
OpenDaylight SFC Insecure Shiro Cookie Configuration
Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...
OpenDaylight SFC Denial of Service (DoS)
Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...
org.opendaylight.faas:features4-faas (>=1.2.0-Carbon <=1.3.3), org.opendaylight.faas:odl-faas-all (>=1.2.0-Carbon <=1.3.3) +67 more potentially affected by CVE-2025-29315 via org.opendaylight.sfc:sfc-provider (>=0.0.1-Helium <=0.9.3)
org.opendaylight.sfc:sfc-provider MAVEN version =0.0.1-Helium, =1.2.0-Carbon, =1.2.0-Carbon, =1.2.0-Carbon, =1.0.0-Beryllium, =0.6.0, =0.5.0-Carbon, =0.5.0-Carbon, =0.5.0-Carbon, =0.5.0-Carbon, =0.6.0, =0.9.0, =0.9.0, =0.11.4 and more Source cves: CVE-2025-29315 Source advisory:...
GHSA-V3VP-FG2V-G7Q4 OpenDaylight SFC Denial of Service (DoS)
Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...