Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/neutron@11.0.0
Typepypi
Namespace
Nameneutron
Version11.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version23.0.0.0b1
Latest_non_vulnerable_version26.0.0.0b1
Affected_by_vulnerabilities
0
url VCID-4fyj-d9qy-fffp
vulnerability_id VCID-4fyj-d9qy-fffp
summary An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:0879
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0879
1
reference_url https://access.redhat.com/errata/RHSA-2019:0935
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0935
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10876.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10876.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10876
reference_id
reference_type
scores
0
value 0.00624
scoring_system epss
scoring_elements 0.70094
published_at 2026-04-07T12:55:00Z
1
value 0.00624
scoring_system epss
scoring_elements 0.70185
published_at 2026-04-21T12:55:00Z
2
value 0.00624
scoring_system epss
scoring_elements 0.70206
published_at 2026-04-18T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70196
published_at 2026-04-16T12:55:00Z
4
value 0.00624
scoring_system epss
scoring_elements 0.70102
published_at 2026-04-02T12:55:00Z
5
value 0.00624
scoring_system epss
scoring_elements 0.70117
published_at 2026-04-04T12:55:00Z
6
value 0.00624
scoring_system epss
scoring_elements 0.70141
published_at 2026-04-08T12:55:00Z
7
value 0.00624
scoring_system epss
scoring_elements 0.7009
published_at 2026-04-01T12:55:00Z
8
value 0.00624
scoring_system epss
scoring_elements 0.70154
published_at 2026-04-13T12:55:00Z
9
value 0.00624
scoring_system epss
scoring_elements 0.70166
published_at 2026-04-12T12:55:00Z
10
value 0.00624
scoring_system epss
scoring_elements 0.70181
published_at 2026-04-11T12:55:00Z
11
value 0.00624
scoring_system epss
scoring_elements 0.70157
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10876
4
reference_url https://bugs.launchpad.net/ossa/+bug/1813007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1813007
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10876
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10876
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-189.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-189.yaml
9
reference_url https://review.openstack.org/#/q/topic:bug/1813007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/q/topic:bug/1813007
10
reference_url https://security.openstack.org/ossa/OSSA-2019-002.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2019-002.html
11
reference_url http://www.openwall.com/lists/oss-security/2019/04/09/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/04/09/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1695883
reference_id 1695883
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1695883
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926502
reference_id 926502
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926502
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10876
reference_id CVE-2019-10876
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10876
18
reference_url https://github.com/advisories/GHSA-jr9m-v5qh-mh2j
reference_id GHSA-jr9m-v5qh-mh2j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jr9m-v5qh-mh2j
fixed_packages
0
url pkg:pypi/neutron@11.0.7
purl pkg:pypi/neutron@11.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@11.0.7
1
url pkg:pypi/neutron@12.0.6
purl pkg:pypi/neutron@12.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@12.0.6
2
url pkg:pypi/neutron@13.0.3
purl pkg:pypi/neutron@13.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@13.0.3
aliases CVE-2019-10876, GHSA-jr9m-v5qh-mh2j, PYSEC-2019-189
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4fyj-d9qy-fffp
1
url VCID-b3pu-ncrc-wbhn
vulnerability_id VCID-b3pu-ncrc-wbhn
summary An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.)
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:0879
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0879
1
reference_url https://access.redhat.com/errata/RHSA-2019:0916
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0916
2
reference_url https://access.redhat.com/errata/RHSA-2019:0935
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0935
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9735.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9735.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9735
reference_id
reference_type
scores
0
value 0.01892
scoring_system epss
scoring_elements 0.83233
published_at 2026-04-21T12:55:00Z
1
value 0.01892
scoring_system epss
scoring_elements 0.83126
published_at 2026-04-01T12:55:00Z
2
value 0.01892
scoring_system epss
scoring_elements 0.83143
published_at 2026-04-02T12:55:00Z
3
value 0.01892
scoring_system epss
scoring_elements 0.83157
published_at 2026-04-04T12:55:00Z
4
value 0.01892
scoring_system epss
scoring_elements 0.83156
published_at 2026-04-07T12:55:00Z
5
value 0.01892
scoring_system epss
scoring_elements 0.8318
published_at 2026-04-08T12:55:00Z
6
value 0.01892
scoring_system epss
scoring_elements 0.83187
published_at 2026-04-09T12:55:00Z
7
value 0.01892
scoring_system epss
scoring_elements 0.83203
published_at 2026-04-11T12:55:00Z
8
value 0.01892
scoring_system epss
scoring_elements 0.83197
published_at 2026-04-12T12:55:00Z
9
value 0.01892
scoring_system epss
scoring_elements 0.83193
published_at 2026-04-13T12:55:00Z
10
value 0.01892
scoring_system epss
scoring_elements 0.8323
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9735
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9735
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-190.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-190.yaml
9
reference_url https://launchpad.net/bugs/1818385
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1818385
10
reference_url https://seclists.org/bugtraq/2019/Mar/24
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Mar/24
11
reference_url https://security.openstack.org/ossa/OSSA-2019-001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2019-001.html
12
reference_url https://usn.ubuntu.com/4036-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4036-1
13
reference_url https://usn.ubuntu.com/4036-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4036-1/
14
reference_url https://web.archive.org/web/20201208185619/http://www.securityfocus.com/bid/107390
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208185619/http://www.securityfocus.com/bid/107390
15
reference_url https://www.debian.org/security/2019/dsa-4409
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4409
16
reference_url http://www.openwall.com/lists/oss-security/2019/03/18/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/03/18/2
17
reference_url http://www.securityfocus.com/bid/107390
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/107390
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690745
reference_id 1690745
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690745
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924508
reference_id 924508
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924508
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9735
reference_id CVE-2019-9735
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-9735
26
reference_url https://github.com/advisories/GHSA-9773-3fqg-8w25
reference_id GHSA-9773-3fqg-8w25
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9773-3fqg-8w25
fixed_packages
0
url pkg:pypi/neutron@11.0.7
purl pkg:pypi/neutron@11.0.7
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@11.0.7
1
url pkg:pypi/neutron@12.0.6
purl pkg:pypi/neutron@12.0.6
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@12.0.6
2
url pkg:pypi/neutron@13.0.3
purl pkg:pypi/neutron@13.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@13.0.3
aliases CVE-2019-9735, GHSA-9773-3fqg-8w25, PYSEC-2019-190
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3pu-ncrc-wbhn
2
url VCID-ba8p-f96g-aqc3
vulnerability_id VCID-ba8p-f96g-aqc3
summary Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14636.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14636
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42352
published_at 2026-04-21T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42422
published_at 2026-04-18T12:55:00Z
2
value 0.00203
scoring_system epss
scoring_elements 0.42448
published_at 2026-04-16T12:55:00Z
3
value 0.00203
scoring_system epss
scoring_elements 0.42443
published_at 2026-04-09T12:55:00Z
4
value 0.00203
scoring_system epss
scoring_elements 0.42399
published_at 2026-04-13T12:55:00Z
5
value 0.00203
scoring_system epss
scoring_elements 0.42429
published_at 2026-04-12T12:55:00Z
6
value 0.00203
scoring_system epss
scoring_elements 0.42466
published_at 2026-04-11T12:55:00Z
7
value 0.00203
scoring_system epss
scoring_elements 0.42347
published_at 2026-04-01T12:55:00Z
8
value 0.00203
scoring_system epss
scoring_elements 0.42418
published_at 2026-04-02T12:55:00Z
9
value 0.00203
scoring_system epss
scoring_elements 0.42447
published_at 2026-04-04T12:55:00Z
10
value 0.00203
scoring_system epss
scoring_elements 0.42385
published_at 2026-04-07T12:55:00Z
11
value 0.00203
scoring_system epss
scoring_elements 0.42436
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14636
2
reference_url https://bugs.launchpad.net/neutron/+bug/1734320
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1734320
3
reference_url https://bugs.launchpad.net/neutron/+bug/1767422
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1767422
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14636
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1594977
reference_id 1594977
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1594977
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14636
reference_id CVE-2018-14636
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14636
11
reference_url https://github.com/advisories/GHSA-8q95-jj7p-x93x
reference_id GHSA-8q95-jj7p-x93x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8q95-jj7p-x93x
fixed_packages
0
url pkg:pypi/neutron@11.0.5
purl pkg:pypi/neutron@11.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fyj-d9qy-fffp
1
vulnerability VCID-57rk-q94h-3kgz
2
vulnerability VCID-9urm-66y7-s3hs
3
vulnerability VCID-b3pu-ncrc-wbhn
4
vulnerability VCID-f9bx-xknx-6qbv
5
vulnerability VCID-qua4-h1r7-a7b7
6
vulnerability VCID-sh88-99pv-aqac
7
vulnerability VCID-uf52-su2e-y3ck
8
vulnerability VCID-w7qg-pen7-tfbr
9
vulnerability VCID-wv6g-4622-tqdw
10
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@11.0.5
1
url pkg:pypi/neutron@12.0.3
purl pkg:pypi/neutron@12.0.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-4fyj-d9qy-fffp
1
vulnerability VCID-57rk-q94h-3kgz
2
vulnerability VCID-9urm-66y7-s3hs
3
vulnerability VCID-b3pu-ncrc-wbhn
4
vulnerability VCID-f9bx-xknx-6qbv
5
vulnerability VCID-qua4-h1r7-a7b7
6
vulnerability VCID-sh88-99pv-aqac
7
vulnerability VCID-uf52-su2e-y3ck
8
vulnerability VCID-w7qg-pen7-tfbr
9
vulnerability VCID-wv6g-4622-tqdw
10
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@12.0.3
2
url pkg:pypi/neutron@13.0.0.0b2
purl pkg:pypi/neutron@13.0.0.0b2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-9urm-66y7-s3hs
1
vulnerability VCID-f9bx-xknx-6qbv
2
vulnerability VCID-qua4-h1r7-a7b7
3
vulnerability VCID-sh88-99pv-aqac
4
vulnerability VCID-uf52-su2e-y3ck
5
vulnerability VCID-w7qg-pen7-tfbr
6
vulnerability VCID-wv6g-4622-tqdw
7
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@13.0.0.0b2
aliases CVE-2018-14636, GHSA-8q95-jj7p-x93x, PYSEC-2018-94
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ba8p-f96g-aqc3
Fixing_vulnerabilities
Risk_score4.0
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/neutron@11.0.0