Homepage

org.onosproject:onos-core-net@1.0.0 vulnerabilities

  • latest version

    2.7.0

  • latest non vulnerable version

    2.5.1-rc1

  • first published

    10 years ago

  • latest version published

    3 years ago

  • licenses detected

  • package manager

    View on Maven Repository
    • Go back to all versions of this package
    Report a new vulnerability Found a mistake?

    Direct Vulnerabilities

    Known vulnerabilities in the org.onosproject:onos-core-net package. This does not include vulnerabilities belonging to this package’s dependencies.

    How to fix?

    Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

    Fix for free
    VulnerabilityVulnerable Version
    • M
    Denial of Service (DoS)

    org.onosproject:onos-core-net Affected versions of the package are vulnerable to Denial of Service (DoS). It was found that the packet deserializers in ONOS would throw exceptions when handling malformed, truncated or maliciously-crafted packets. The exceptions were not caught and handled, which would result in the relevant switch being disconnected because an exception occurred in an I/O thread. A remote unauthenticated attacker could use this flaw to perform a Denial of Service (DoS) attack by causing ONOS to disconnect switches.

    [1.0.0,1.0.1)
    Go back to all versions of this package