Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/neutron@14.0.4
Typepypi
Namespace
Nameneutron
Version14.0.4
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version16.4.1
Latest_non_vulnerable_version2015.1.1
Affected_by_vulnerabilities
0
url VCID-euk9-aaqn-4qa8
vulnerability_id VCID-euk9-aaqn-4qa8
summary A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20267
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.31586
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20267
1
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1934330
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1934330
2
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-136.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-136.yaml
4
reference_url https://security.openstack.org/ossa/OSSA-2021-001.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2021-001.html
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20267
reference_id CVE-2021-20267
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-20267
6
reference_url https://github.com/advisories/GHSA-w8hx-f868-pvch
reference_id GHSA-w8hx-f868-pvch
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8hx-f868-pvch
7
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:pypi/neutron@15.3.3
purl pkg:pypi/neutron@15.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j5k3-2tqh-gucf
1
vulnerability VCID-kp6z-cahn-4fa2
2
vulnerability VCID-x5uf-31ga-huch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@15.3.3
1
url pkg:pypi/neutron@16.3.1
purl pkg:pypi/neutron@16.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j5k3-2tqh-gucf
1
vulnerability VCID-kp6z-cahn-4fa2
2
vulnerability VCID-x5uf-31ga-huch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.3.1
2
url pkg:pypi/neutron@17.1.1
purl pkg:pypi/neutron@17.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j5k3-2tqh-gucf
1
vulnerability VCID-kp6z-cahn-4fa2
2
vulnerability VCID-x5uf-31ga-huch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.1.1
aliases CVE-2021-20267, GHSA-w8hx-f868-pvch, PYSEC-2021-136
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-euk9-aaqn-4qa8
1
url VCID-j5k3-2tqh-gucf
vulnerability_id VCID-j5k3-2tqh-gucf
summary An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40085
reference_id
reference_type
scores
0
value 0.01348
scoring_system epss
scoring_elements 0.80395
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40085
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/openstack/neutron/commit/df891f0593d234e01f27d7c0376d9702e178ecfb
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/df891f0593d234e01f27d7c0376d9702e178ecfb
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-361.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-361.yaml
4
reference_url https://launchpad.net/bugs/1939733
reference_id
reference_type
scores
url https://launchpad.net/bugs/1939733
5
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
6
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
reference_id
reference_type
scores
url https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
7
reference_url https://security.openstack.org/ossa/OSSA-2021-005.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2021-005.html
8
reference_url https://www.debian.org/security/2021/dsa-4983
reference_id
reference_type
scores
url https://www.debian.org/security/2021/dsa-4983
9
reference_url http://www.openwall.com/lists/oss-security/2021/08/31/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2021/08/31/2
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40085
reference_id CVE-2021-40085
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-40085
11
reference_url https://github.com/advisories/GHSA-fh73-gjvg-349c
reference_id GHSA-fh73-gjvg-349c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fh73-gjvg-349c
12
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.2.1
purl pkg:pypi/neutron@17.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.2.1
2
url pkg:pypi/neutron@18.1.1
purl pkg:pypi/neutron@18.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.1
aliases CVE-2021-40085, GHSA-fh73-gjvg-349c, PYSEC-2021-361
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j5k3-2tqh-gucf
2
url VCID-kp6z-cahn-4fa2
vulnerability_id VCID-kp6z-cahn-4fa2
summary OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the hardware addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38598
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.33599
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38598
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/openstack/neutron/commit/0a931391d8990f3e654b4bfda24ae4119c609bbf
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/0a931391d8990f3e654b4bfda24ae4119c609bbf
3
reference_url https://github.com/openstack/neutron/commit/cc0d28a3e2ccfad6fc2ff24d78f009cbe3992575
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/cc0d28a3e2ccfad6fc2ff24d78f009cbe3992575
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-360.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-360.yaml
5
reference_url https://launchpad.net/bugs/1938670
reference_id
reference_type
scores
url https://launchpad.net/bugs/1938670
6
reference_url https://opendev.org/openstack/neutron/commit/fafa5dacd5057120562184a734e7345e7c0e9639
reference_id
reference_type
scores
url https://opendev.org/openstack/neutron/commit/fafa5dacd5057120562184a734e7345e7c0e9639
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-38598
reference_id CVE-2021-38598
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-38598
8
reference_url https://github.com/advisories/GHSA-hvm4-mc7m-22w4
reference_id GHSA-hvm4-mc7m-22w4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvm4-mc7m-22w4
9
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.1.3
purl pkg:pypi/neutron@17.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.1.3
2
url pkg:pypi/neutron@18.1.0
purl pkg:pypi/neutron@18.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-j5k3-2tqh-gucf
1
vulnerability VCID-x5uf-31ga-huch
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.0
aliases CVE-2021-38598, GHSA-hvm4-mc7m-22w4, PYSEC-2021-360
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kp6z-cahn-4fa2
3
url VCID-x5uf-31ga-huch
vulnerability_id VCID-x5uf-31ga-huch
summary An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40797
reference_id
reference_type
scores
0
value 0.00694
scoring_system epss
scoring_elements 0.72211
published_at 2026-05-30T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40797
1
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2
reference_url https://github.com/openstack/neutron/commit/e610a5eb9e71aa2549fb11e2139370d227787da2
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/e610a5eb9e71aa2549fb11e2139370d227787da2
3
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-329.yaml
reference_id
reference_type
scores
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-329.yaml
4
reference_url https://launchpad.net/bugs/1942179
reference_id
reference_type
scores
url https://launchpad.net/bugs/1942179
5
reference_url https://security.openstack.org/ossa/OSSA-2021-006.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2021-006.html
6
reference_url http://www.openwall.com/lists/oss-security/2021/09/09/2
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2021/09/09/2
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40797
reference_id CVE-2021-40797
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2021-40797
8
reference_url https://github.com/advisories/GHSA-cpx3-696p-3cw9
reference_id GHSA-cpx3-696p-3cw9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cpx3-696p-3cw9
9
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.2.1
purl pkg:pypi/neutron@17.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.2.1
2
url pkg:pypi/neutron@18.1.1
purl pkg:pypi/neutron@18.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.1
aliases CVE-2021-40797, GHSA-cpx3-696p-3cw9, PYSEC-2021-329
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-x5uf-31ga-huch
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/neutron@14.0.4