This page aggregates CVEs and security vulnerability information across Opennetworking products, listing CVSS, EPSS, publication date, and vulnerability data.
Common weakness patterns include memory corruption, cross-site scripting, path-handling flaws, and input validation; in production workloads these can lead to risks such as unexpected behavior, file overwrite, and session compromise.
The data shown is based on public vulnerability information and security advisories, and can be used to assess historical exposure and remediation priority.

| CVE | Summary | Source | Max CVSS | EPSS (%) | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-65568 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a PFCP Session Establishment Request that includes a CreateFAR with an empty or truncated IPv4 address field is not properly validated. During parsing, parseFAR() calls ip2int(), which performs an out-of-bounds read on the IPv4 address buffer and triggers an index-out-of-range panic. An attacker who can send PFCP Session Establishment Request mess | [email protected] | 7.5 | 0.06% | 2025-12-18 | 2026-01-07 |
| CVE-2025-65567 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association, a specially crafted PFCP Session Establishment Request with a CreatePDR that contains a malformed Flow-Description is not robustly validated. The Flow-Description parser (parseFlowDesc) can read beyond the bounds of the provided buffer, causing a panic and terminating the UPF process. An attacker who can send PFCP Session Establishment Request mes | [email protected] | 7.5 | 0.05% | 2025-12-18 | 2026-01-07 |
| CVE-2025-65565 | A denial-of-service vulnerability exists in the omec-project UPF (pfcpiface component) in version upf-epc-pfcpiface:2.1.3-dev. After PFCP association is established, a PFCP Session Establishment Request that is missing the mandatory F-SEID (CPF-SEID) Information Element is not properly validated. The session establishment handler calls IE.FSEID() on a nil pointer, which triggers a panic and terminates the UPF process. An attacker who can send PFCP Session Establishment Request messages to the UP | [email protected] | 7.5 | 0.06% | 2025-12-18 | 2026-01-07 |
| CVE-2025-65564 | A denial-of-service vulnerability exists in the omec-upf (upf-epc-pfcpiface) in version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory Recovery Time Stamp Information Element, the association setup handler dereferences a nil pointer via IE.RecoveryTimeStamp() instead of validating the message. This results in a panic and terminates the UPF process. An attacker who can send PFCP Association Setup Request messages to the UPF's N4/P | [email protected] | 7.5 | 0.06% | 2025-12-18 | 2026-01-07 |
| CVE-2025-65563 | A denial-of-service vulnerability exists in the omec-project UPF (component upf-epc/pfcpiface) up to at least version upf-epc-pfcpiface:2.1.3-dev. When the UPF receives a PFCP Association Setup Request that is missing the mandatory NodeID Information Element, the association setup handler dereferences a nil pointer instead of validating the message, causing a panic and terminating the UPF process. An attacker who can send PFCP Association Setup Request messages to the UPF's N4/PFCP endpoint can | [email protected] | 7.5 | 0.06% | 2025-12-18 | 2026-01-07 |
| CVE-2024-53423 | An issue in Open Network Foundation ONOS v2.7.0 allows attackers to cause a Denial of Service (DoS) via supplying crafted packets. | [email protected] | 5.6 | 0.12% | 2025-05-29 | 2025-06-03 |
| CVE-2023-41591 | An issue in Open Network Foundation ONOS v2.7.0 allows attackers to create fake IP/MAC addresses and potentially execute a man-in-the-middle attack on communications between fake and real hosts. | [email protected] | 9.8 | 0.29% | 2025-05-29 | 2025-06-03 |
| CVE-2025-29312 | An issue in onos v2.7.0 allows attackers to trigger unexpected behavior within a device connected to a legacy switch via changing the link type from indirect to direct. | [email protected] | 9.1 | 0.20% | 2025-03-24 | 2025-04-01 |
| CVE-2025-29311 | Limited secret space in LLDP packets used in onos v2.7.0 allows attackers to obtain the private key via a bruteforce attack. Attackers are able to leverage this vulnerability into creating crafted LLDP packets. | [email protected] | 7.5 | 0.24% | 2025-03-24 | 2025-04-01 |
| CVE-2025-29310 | An issue in onos v2.7.0 allows attackers to trigger a packet deserialization problem when supplying a crafted LLDP packet. This vulnerability allows attackers to execute arbitrary commands or access network information. | [email protected] | 9.8 | 0.18% | 2025-03-24 | 2025-04-01 |
| CVE-2024-48809 | An issue in Open Networking Foundations sdran-in-a-box v.1.4.3 and onos-a1t v.0.2.3 allows a remote attacker to cause a denial of service via the onos-a1t component of the sdran-in-a-box, specifically the DeleteWatcher function. | [email protected] | 7.5 | 1.55% | 2024-11-04 | 2025-12-31 |
| CVE-2024-31198 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0. | [email protected] | 5.3 | 0.26% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31197 | Improper Null Termination vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of10::Port:unpack. This issue affects libfluid: 0.1.0. | [email protected] | 5.3 | 0.19% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31196 | Unchecked Return Value to NULL Pointer Dereference vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::ActionList::unpack10. This issue affects libfluid: 0.1.0. | [email protected] | 5.3 | 0.20% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31195 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyTable::unpack. This issue affects libfluid: 0.1.0. | [email protected] | 6.5 | 0.19% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31194 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyPortStats::unpack. This issue affects libfluid: 0.1.0. | [email protected] | 6.5 | 0.18% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31193 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroup::unpack. This issue affects libfluid: 0.1.0. | [email protected] | 6.5 | 0.18% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31192 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyGroupDesc::unpack. This issue affects libfluid: 0.1.0. | [email protected] | 6.5 | 0.18% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31191 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeter::unpack. This issue affects libfluid: 0.1.0. | [email protected] | 6.5 | 0.18% | 2024-09-18 | 2024-09-20 |
| CVE-2024-31190 | Out-of-bounds Read vulnerability in Open Networking Foundation (ONF) libfluid (libfluid_msg module). This vulnerability is associated with program routine fluid_msg::of13::MultipartReplyMeterConfig::unpack. This issue affects libfluid: 0.1.0. | [email protected] | 6.5 | 0.18% | 2024-09-18 | 2024-09-20 |