A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.
Max CVSS
6.5
EPSS Score
0.05%
Published
2024-03-12
Updated
2024-03-23

CVE-2023-44487

Known exploited
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Max CVSS
7.5
EPSS Score
70.59%
Published
2023-10-10
Updated
2024-02-02
CISA KEV Added
2023-10-10
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-02-22
Updated
2024-03-23
A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. An out-of-bounds read access in hpack_valid_idx() resulted in a remote crash and denial of service.
Max CVSS
7.5
EPSS Score
0.26%
Published
2018-09-21
Updated
2019-07-23
In atomic-openshift before version 3.10.9, a malicious network-policy configuration can cause OpenShift Routing to crash when using the ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an OpenShift 3.9 or 3.7 cluster.
Max CVSS
7.5
EPSS Score
0.08%
Published
2018-07-05
Updated
2019-10-09
Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression denial of service attack.
Max CVSS
6.5
EPSS Score
0.15%
Published
2018-05-11
Updated
2022-06-23
OpenShift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with a 'VolumeInUse' error. Since the delete operation is retried every 30 seconds for each volume, this could lead to a denial of service attack as the number of API requests being sent to the cloud-provider exceeds the API's rate-limit.
Max CVSS
4.3
EPSS Score
0.07%
Published
2018-04-16
Updated
2019-10-09
Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users to trigger updating of update site metadata by leveraging a missing permissions check. NOTE: this issue can be combined with DNS cache poisoning to cause a denial of service (service disruption).
Max CVSS
5.0
EPSS Score
0.16%
Published
2016-05-17
Updated
2018-01-05
Jenkins before 2.3 and LTS before 1.651.2 allows remote authenticated users with multiple accounts to cause a denial of service (unable to login) by editing the "full name."
Max CVSS
4.3
EPSS Score
0.20%
Published
2016-05-17
Updated
2018-01-05
Jenkins before 1.583 and LTS before 1.565.3 allows remote attackers to cause a denial of service (thread consumption) via vectors related to a CLI handshake.
Max CVSS
5.0
EPSS Score
0.24%
Published
2014-10-16
Updated
2023-02-13
Phusion Passenger gem before 3.0.21 and 4.0.x before 4.0.5 for Ruby allows local users to cause a denial of service (prevent application start) or gain privileges by pre-creating a temporary "config" file in a directory with a predictable name in /tmp/ before it is used by the gem.
Max CVSS
4.6
EPSS Score
0.04%
Published
2014-01-03
Updated
2023-02-13
OpenShift haproxy cartridge: predictable /tmp in set-proxy connection hook which could facilitate DoS
Max CVSS
5.5
EPSS Score
0.04%
Published
2019-12-05
Updated
2019-12-14
12 vulnerabilities found