Denial Of Service (DoS)

OpenDaylight Service Function Chaining SFC is vulnerable to Denial Of Service DoS. The vulnerability is due to improper handling of name resolution or references and allows an attacker to exploit incorrect resolutions to cause a Denial of Service DoS...

CVE-2025-29313

Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...

CVE-2025-29314

Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...

org.opendaylight.groupbasedpolicy:features-groupbasedpolicy (=0.7.4), org.opendaylight.groupbasedpolicy:odl-groupbasedpolicy-neutron-and-ofoverlay (>=0.5.0-Carbon <=0.7.4) +19 more potentially affected by CVE-2025-29314 via org.opendaylight.sfc:odl-sfc-ovs (>=0.10.0 <=0.9.3)

org.opendaylight.sfc:odl-sfc-ovs MAVEN version =0.10.0, =0.5.0-Carbon, =0.5.0-Carbon, =0.5.0-Carbon, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.9.0, =0.6.0, =0.6.0, =0.4.0-Carbon, =0.5.0, =0.4.0-Carbon, =0.4.4-Carbon and more Source cves: CVE-2025-29314 Source advisory:...

GHSA-V3VP-FG2V-G7Q4 OpenDaylight SFC Denial of Service (DoS)

Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...

GHSA-XP75-W7VQ-5X6J OpenDaylight SFC Insecure Shiro Cookie Configuration

Insecure Shiro cookie configurations in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allow attackers to access sensitive information via a man-in-the-middle attack...

CVE-2025-29313

Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...

CVE-2025-29313

Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...

CVE-2025-29315

An issue in the Shiro-based RBAC Role-based Access Control mechanism of OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to execute privileged operations via a crafted request...

CVE-2025-29313

Use of incorrectly resolved name or reference in OpenDaylight Service Function Chaining SFC Subproject SFC Sodium-SR4 and below allows attackers to cause a Denial of Service DoS...

CVE-2025-29313

The CVE-2025-29313 entry describes a Denial of Service affecting OpenDaylight SFC Sodium-SR4 and earlier subprojects, caused by incorrect resolution of names or references in the SFC component. Affected component: OpenDaylight Service Function Chaining (SFC). Root cause: improper handling of name...

CVE-2025-29314

CVE-2025-29314 affects OpenDaylight Service Function Chaining (SFC) Sodium-SR4 and earlier. The root cause is insecure Shiro cookie configurations (e.g., _secureCookies=False, _httpOnly=False) that enable a man-in-the-middle to access sensitive data. CVSSv3.1: 8.1 (HIGH) with network attack vecto...

CVE-2025-29315

The CVE describes a Shiro-based RBAC flaw in OpenDaylight SFC Sodium-SR4 and earlier, enabling privilege escalation via a crafted request. Affected component: OpenDaylight SFC (SFC Sodium-SR4 and below); root cause: flaws in Shiro RBAC enforcement allowing privileged operations. Impact (as per CV...