How severe is CVE-2019-15753?

This vulnerability has a severity rating of CRITICAL with a CVSS score of 9.1 out of 10.

What type of vulnerability is CVE-2019-15753?

This is classified as CWE-770, which is a common weakness in software security.

CVE-2019-15753 - CRITICAL Severity | CVSS 9.1

Vulnerability Description

In OpenStack os-vif 1.15.x before 1.15.2, and 1.16.0, a hard-coded MAC aging time of 0 disables MAC learning in linuxbridge, forcing obligatory Ethernet flooding of non-local destinations, which both impedes network performance and allows users to possibly view the content of packets for instances belonging to other tenants sharing the same network. Only deployments using the linuxbridge backend are affected. This occurs in PyRoute2.add() in internal/command/ip/linux/impl_pyroute2.py.

Related Vulnerabilities

CVE-2022-32559

CRITICAL

CVSS:9.1(Critical)

An issue was discovered in Couchbase Server before 7.0.4. Random HTTP requests lead to leaked metrics.

CWE-7702022

CVE-2023-27958

CRITICAL

CVSS:9.1(Critical)

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system term...

CWE-7702023

CVE-2024-38821

CRITICAL

CVSS:9.1(Critical)

Spring WebFlux applications that have Spring Security authorization rules on static resources can be bypassed under certain circumstances. For this to impact an application, all of the following must ...

CWE-7702024

CVE-2019-10088

HIGH

CVSS:8.8(High)

A carefully crafted or corrupt zip file can cause an OOM in Apache Tika's RecursiveParserWrapper in versions 1.7-1.21. Users should upgrade to 1.22 or later.

CWE-7702019

CVE-2019-7581

HIGH

CVSS:8.8(High)

The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a diff...

CWE-7702019

CVE-2019-7582

HIGH

CVSS:8.8(High)

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.

CWE-7702019