3 matches found
org.opendaylight.groupbasedpolicy:groupbasedpolicy (>=0.1.0-Helium <=0.1.2-Helium-SR2), org.opendaylight.openflowplugin:openflowplugin-extension-nicira (>=0.0.3-Helium <=0.0.5-Helium-SR2) +2 more potentially affected by CVE-2015-1611 +1 more via org.opendaylight.openflowplugin:openflowplugin (>=0.0.3-Helium <=0.0.5-Helium-SR2)
org.opendaylight.openflowplugin:openflowplugin MAVEN version =0.0.3-Helium, =0.1.0-Helium, =0.0.3-Helium, =0.0.3-Helium, =1.0.0-Helium, =1.0.2-Helium-SR2 Source cves: CVE-2015-1611, CVE-2015-1612 Source advisory: SNYK:JAVA-ORGOPENDAYLIGHTOPENFLOWPLUGIN-10393986...
org.opendaylight.groupbasedpolicy:groupbasedpolicy (>=0.1.0-Helium <=0.1.2-Helium-SR2), org.opendaylight.openflowplugin:openflowplugin-extension-nicira (>=0.0.3-Helium <=0.0.5-Helium-SR2) +2 more potentially affected by CVE-2015-1611 +1 more via org.opendaylight.openflowplugin:openflowplugin (>=0.0.3-Helium <=0.0.5-Helium-SR2)
org.opendaylight.openflowplugin:openflowplugin MAVEN version =0.0.3-Helium, =0.1.0-Helium, =0.0.3-Helium, =0.0.3-Helium, =1.0.0-Helium, =1.0.2-Helium-SR2 Source cves: CVE-2015-1611, CVE-2015-1612 Source advisory: SNYK:JAVA-ORGOPENDAYLIGHTOPENFLOWPLUGIN-10393984...
CVE-2015-1612
The CVE-2015-1612 issue affects the OpenFlow plugin for OpenDaylight (before Helium SR3). It enables LLDP-related spoofing of the SDN topology that can affect data flow. Affected component: openflowplugin in OpenDaylight; root cause: reuse of LLDP packets leading to topology spoofing (LLDP Relay)...