GHSA-7hmm-wg23-2w7m

Suggest an improvement
Source
https://github.com/advisories/GHSA-7hmm-wg23-2w7m
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/05/GHSA-7hmm-wg23-2w7m/GHSA-7hmm-wg23-2w7m.json
JSON Data
https://api.test.osv.dev/v1/vulns/GHSA-7hmm-wg23-2w7m
Aliases
  • CVE-2024-34483
Published
2024-05-05T03:30:47Z
Modified
2024-07-03T20:21:28.182306Z
Severity
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
Summary
Ryu Infinite Loop vulnerability
Details

OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPBucket.len=0.

Database specific
{
    "nvd_published_at": "2024-05-05T02:15:06Z",
    "cwe_ids": [
        "CWE-400"
    ],
    "severity": "HIGH",
    "github_reviewed": true,
    "github_reviewed_at": "2024-05-06T14:30:04Z"
}
References

Affected packages

PyPI / ryu

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Last affected
4.34

Affected versions

0.*

0.2

1.*

1.0
1.1
1.2
1.3
1.4
1.5
1.6
1.7
1.8
1.9

2.*

2.0
2.1
2.2

3.*

3.1
3.2
3.3
3.4
3.5
3.6
3.7
3.8
3.9
3.10
3.11
3.12
3.13
3.15
3.17
3.18
3.19
3.20
3.20.1
3.20.2
3.22
3.23
3.23.1
3.23.2
3.24
3.25
3.25.1
3.26
3.29
3.29.1
3.30

4.*

4.0
4.1
4.2
4.2.1
4.2.2
4.3
4.4
4.5
4.6
4.7
4.8
4.8.1
4.9
4.10
4.11
4.12
4.13
4.14
4.15
4.16
4.17
4.18
4.19
4.20
4.21
4.22
4.23
4.24
4.25
4.26
4.27
4.29
4.30
4.31
4.32
4.33
4.34