Onos Security Vulnerabilities and Issues — Onos CVE List

Lucene search

OnosprojectOnos

5 matches found

CVE•added 2023/05/04 10:15 p.m.•44 views

CVE-2023-30093

A cross-site scripting (XSS) vulnerability in Open Networking Foundation ONOS from version v1.9.0 to v2.7.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter of the API documentation dashboard.

6.1CVSS5.8AI score0.0009EPSS

CVE•added 2017/07/17 1:18 p.m.•43 views

CVE-2017-1000078

Linux foundation ONOS 1.9 is vulnerable to XSS in the device. registration

6.1CVSS5.9AI score0.00265EPSS

CVE•added 2017/08/30 12:29 a.m.•38 views

CVE-2017-13762

ONOS versions 1.8.0, 1.9.0, and 1.10.0 are vulnerable to XSS.

6.1CVSS6.2AI score0.00748EPSS

CVE•added 2024/04/30 12:15 a.m.•37 views

CVE-2023-52726

Open Networking Foundation SD-RAN ONOS onos-ric-sdk-go 0.8.12 allows infinite repetition of the processing of an error (in the Subscribe function implementation for the subscribed indication stream).

6.5CVSS6.8AI score0.00098EPSS

CVE•added 2018/07/05 6:29 p.m.•29 views

CVE-2018-12691

Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data plane packet injection.

6.8CVSS6.8AI score0.00183EPSS