exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 13

CVE-2025-0650

около 1 года назад

A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network. OVN provides rudimentary DNS caching as an optional feature to speed up lookups of frequently-used domains. When this feature is enabled, due to the OpenFlow rules that OVN installs in Open vSwitch, it is possible for an attacker to craft a UDP packet that can bypass egress ACL rules. Egress ACL rules are those that have the "direction" set to "to-lport". The OVN installation is vulnerable if a logical switch has DNS records set on it AND if the same switch has any egress ACLs configured on it. The switch is considered to have egress ACLs configured if the switch has an egress ACL configured directly on it using the "ac...

CVSS3: 8.1

EPSS: Низкий

CVE-2025-0650

около 2 лет назад

CVSS3: 8.1

EPSS: Низкий

CVE-2025-0650

около 1 года назад

CVSS3: 8.1

EPSS: Низкий

CVE-2025-0650

около 1 года назад

A flaw was found in the Open Virtual Network (OVN). Specially crafted ...

CVSS3: 8.1

EPSS: Низкий

SUSE-SU-2025:0742-1

11 месяцев назад

Security update for openvswitch3

EPSS: Низкий

SUSE-SU-2025:0583-1

12 месяцев назад

Security update for openvswitch

EPSS: Низкий

SUSE-SU-2025:0578-1

12 месяцев назад

Security update for openvswitch

EPSS: Низкий

SUSE-SU-2025:0561-1

12 месяцев назад

Security update for openvswitch

EPSS: Низкий

GHSA-gmx5-xv9g-ph7f

около 1 года назад

CVSS3: 8.1

EPSS: Низкий

BDU:2025-03286

около 1 года назад

Уязвимость системы поддержки абстракции виртуальной сети OVN (Open Virtual Network), связанная с неправильным контролем доступа, позволяющая нарушителю получить несанкционированный доступ к виртуальным машинам и контейнерам, работающим в сети OVN

CVSS3: 8.1

EPSS: Низкий

ROS-20250307-07

11 месяцев назад

Уязвимость ovn

CVSS3: 8.1

EPSS: Низкий

SUSE-SU-2026:0290-1

12 дней назад

Security update for openvswitch3

EPSS: Низкий

SUSE-SU-2026:0280-1

15 дней назад

Security update for openvswitch

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2025-0650 A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network. OVN provides rudimentary DNS caching as an optional feature to speed up lookups of frequently-used domains. When this feature is enabled, due to the OpenFlow rules that OVN installs in Open vSwitch, it is possible for an attacker to craft a UDP packet that can bypass egress ACL rules. Egress ACL rules are those that have the "direction" set to "to-lport". The OVN installation is vulnerable if a logical switch has DNS records set on it AND if the same switch has any egress ACLs configured on it. The switch is considered to have egress ACLs configured if the switch has an egress ACL configured directly on it using the "ac...	CVSS3: 8.1	1% Низкий	около 1 года назад
CVE-2025-0650 A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.	CVSS3: 8.1	1% Низкий	около 2 лет назад
CVE-2025-0650 A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.	CVSS3: 8.1	1% Низкий	около 1 года назад
CVE-2025-0650 A flaw was found in the Open Virtual Network (OVN). Specially crafted ...	CVSS3: 8.1	1% Низкий	около 1 года назад
SUSE-SU-2025:0742-1 Security update for openvswitch3		1% Низкий	11 месяцев назад
SUSE-SU-2025:0583-1 Security update for openvswitch		1% Низкий	12 месяцев назад
SUSE-SU-2025:0578-1 Security update for openvswitch		1% Низкий	12 месяцев назад
SUSE-SU-2025:0561-1 Security update for openvswitch		1% Низкий	12 месяцев назад
GHSA-gmx5-xv9g-ph7f A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can lead to unauthorized access to virtual machines and containers running on the OVN network.	CVSS3: 8.1	1% Низкий	около 1 года назад
BDU:2025-03286 Уязвимость системы поддержки абстракции виртуальной сети OVN (Open Virtual Network), связанная с неправильным контролем доступа, позволяющая нарушителю получить несанкционированный доступ к виртуальным машинам и контейнерам, работающим в сети OVN	CVSS3: 8.1	1% Низкий	около 1 года назад
ROS-20250307-07 Уязвимость ovn	CVSS3: 8.1	1% Низкий	11 месяцев назад
SUSE-SU-2026:0290-1 Security update for openvswitch3			12 дней назад
SUSE-SU-2026:0280-1 Security update for openvswitch			15 дней назад

Уязвимостей на страницу