Lucene search
RedhatCVE-2022-4337HistoryJan 10, 2023 - 10:15 p.m.
CVE-2022-4337
2023-01-1022:15:13
CWE-125
redhat
web.nvd.nist.gov
164
cve-2022-4337
out-of-bounds read
organization specific tlv
openvswitch
nvd
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.003
Percentile
69.3%
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
Affected configurations
Node
openvswitchopenvswitchRange<2.13.10
ORopenvswitchopenvswitchRange2.14.0–2.14.8
ORopenvswitchopenvswitchRange2.15.0–2.15.7
ORopenvswitchopenvswitchRange2.16.0–2.16.6
ORopenvswitchopenvswitchRange2.17.0–2.17.5
ORopenvswitchopenvswitchRange3.0.0–3.0.3
Node
debiandebian_linuxMatch11.0
| Vendor | Product | Version | CPE |
|---|---|---|---|
| openvswitch | openvswitch | * | cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:* |
| debian | debian_linux | 11.0 | cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "n/a",
"product": "openvswitch",
"versions": [
{
"version": "openvswitch 3.0.3, openvswitch 2.17.5, openvswitch 2.16.6, openvswitch 2.15.7, openvswitch 2.14.8, openvswitch 2.13.10",
"status": "affected"
}
]
}
]Related
redhatcve
redhatcve
CVE-2022-4337
2022-12-21 04:34:58
cbl_mariner
cbl_mariner
CVE-2022-4337 affecting package openvswitch 2.15.1-2
2023-01-29 21:01:57
CVE-2022-4337 affecting package openvswitch for versions less than 2.17.5-1
2023-01-20 06:36:23
alpinelinux
alpinelinux
CVE-2022-4337
2023-01-10 22:15:13
prion
prion
Design/Logic Flaw
2023-01-10 22:15:00
ubuntucve
ubuntucve
CVE-2022-4337
2023-01-10 00:00:00
CVE-2022-4338
2023-01-10 00:00:00
veracode
veracode
Out-Of-Bound Reads
2023-01-26 07:49:32
osv
osv
CVE-2022-4337
2023-01-10 22:15:13
openvswitch - security update
2023-01-13 00:00:00
openvswitch vulnerabilities
2023-02-27 12:24:28
debiancve
debiancve
CVE-2022-4337
2023-01-10 22:15:13
cvelist
cvelist
CVE-2022-4337
2023-01-10 00:00:00
nessus
nessus
CBL Mariner 2.0 Security Update: openvswitch (CVE-2022-4337)
2023-03-20 00:00:00
Photon OS 5.0: Openvswitch PHSA-2023-5.0-0089
2024-07-24 00:00:00
RHEL 8 : openvswitch2.13 (RHSA-2023:0685)
2023-02-09 00:00:00
nvd
nvd
CVE-2022-4337
2023-01-10 22:15:13
openvas
openvas
Debian: Security Advisory (DLA-3253-1)
2023-01-01 00:00:00
SUSE: Security Advisory (SUSE-SU-2023:2251-1)
2023-05-22 00:00:00
Debian: Security Advisory (DSA-5319-1)
2023-01-15 00:00:00
debian
debian
[SECURITY] [DLA 3253-1] openvswitch security update
2022-12-31 14:57:34
[SECURITY] [DSA 5319-1] openvswitch security update
2023-01-13 19:23:15
redhat
redhat
ubuntu
ubuntu
Open vSwitch vulnerabilities
2023-02-27 00:00:00
redos
redos
ROS-20230117-02
2023-01-17 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2023-0316
2023-01-18 00:00:00
Critical Photon OS Security Update - PHSA-2023-3.0-0519
2023-01-23 00:00:00
Critical Photon OS Security Update - PHSA-2023-4.0-0316
2023-01-18 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2023-2262
2023-10-22 05:27:25
gentoo
gentoo
Open vSwitch: Multiple Vulnerabilities
2023-11-26 00:00:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.1
Confidence
High
EPSS
0.003
Percentile
69.3%
Related for CVE-2022-4337