Search CVE reports
1 – 4 of 4 results
CVE-2024-2182
Medium priorityA flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including...
1 affected packages
ovn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ovn | Not affected | Fixed | Fixed | — | — |
CVE-2023-3153
Medium prioritySome fixes available 2 of 4
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
1 affected packages
ovn
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| ovn | — | Fixed | Ignored | Ignored | Ignored |
CVE-2017-18635
Medium prioritySome fixes available 1 of 2
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
1 affected packages
novnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| novnc | Not affected | Not affected | Not affected | Vulnerable | Fixed |
CVE-2013-7436
Medium prioritynoVNC before 0.5 does not set the secure flag for a cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.
1 affected packages
novnc
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| novnc | — | — | — | Not affected | Not affected |