Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/neutron@20.3.0
Typepypi
Namespace
Nameneutron
Version20.3.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version23.0.0.0b1
Latest_non_vulnerable_version26.0.0.0b1
Affected_by_vulnerabilities
0
url VCID-ydug-1dq5-aya1
vulnerability_id VCID-ydug-1dq5-aya1
summary 
Uncontrolled Resource Consumption
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:4283
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:48:25Z/
url https://access.redhat.com/errata/RHSA-2023:4283
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3637.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3637.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3637
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38016
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38038
published_at 2026-04-07T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38089
published_at 2026-04-08T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38097
published_at 2026-04-09T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38115
published_at 2026-04-11T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38078
published_at 2026-04-12T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38054
published_at 2026-04-13T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38099
published_at 2026-04-16T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38079
published_at 2026-04-18T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38145
published_at 2026-04-02T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38168
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3637
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2222270
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:48:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2222270
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.1
reference_id cpe:/a:redhat:openstack:16.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.1
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2::el8
reference_id cpe:/a:redhat:openstack:16.2::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2::el8
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.0
reference_id cpe:/a:redhat:openstack:17.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.0
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
reference_id cpe:/a:redhat:openstack:17.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
reference_id cpe:/a:redhat:openstack:18.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack-optools:13
reference_id cpe:/a:redhat:openstack-optools:13
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack-optools:13
11
reference_url https://access.redhat.com/security/cve/CVE-2023-3637
reference_id CVE-2023-3637
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:48:25Z/
url https://access.redhat.com/security/cve/CVE-2023-3637
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3637
reference_id CVE-2023-3637
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3637
13
reference_url https://github.com/advisories/GHSA-r3jh-qhgj-gvr8
reference_id GHSA-r3jh-qhgj-gvr8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r3jh-qhgj-gvr8
fixed_packages
0
url pkg:pypi/neutron@23.0.0.0b1
purl pkg:pypi/neutron@23.0.0.0b1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@23.0.0.0b1
aliases CVE-2023-3637, GHSA-r3jh-qhgj-gvr8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydug-1dq5-aya1
Fixing_vulnerabilities
0
url VCID-qua4-h1r7-a7b7
vulnerability_id VCID-qua4-h1r7-a7b7
summary 
openstack-neutron uncontrolled resource consumption flaw
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3277.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3277.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3277
reference_id
reference_type
scores
0
value 0.00402
scoring_system epss
scoring_elements 0.60865
published_at 2026-04-21T12:55:00Z
1
value 0.00546
scoring_system epss
scoring_elements 0.67837
published_at 2026-04-13T12:55:00Z
2
value 0.00546
scoring_system epss
scoring_elements 0.67873
published_at 2026-04-16T12:55:00Z
3
value 0.00546
scoring_system epss
scoring_elements 0.678
published_at 2026-04-02T12:55:00Z
4
value 0.00546
scoring_system epss
scoring_elements 0.67864
published_at 2026-04-09T12:55:00Z
5
value 0.00546
scoring_system epss
scoring_elements 0.6785
published_at 2026-04-08T12:55:00Z
6
value 0.00546
scoring_system epss
scoring_elements 0.67799
published_at 2026-04-07T12:55:00Z
7
value 0.00546
scoring_system epss
scoring_elements 0.67819
published_at 2026-04-04T12:55:00Z
8
value 0.00546
scoring_system epss
scoring_elements 0.67887
published_at 2026-04-11T12:55:00Z
9
value 0.00546
scoring_system epss
scoring_elements 0.67886
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3277
2
reference_url https://bugs.launchpad.net/neutron/+bug/1988026
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T15:54:44Z/
url https://bugs.launchpad.net/neutron/+bug/1988026
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2129193
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T15:54:44Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2129193
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3277
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
7
reference_url https://github.com/openstack/neutron/commit/01fc2b9195f999df4d810df4ee63f77ecbc81f7e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/01fc2b9195f999df4d810df4ee63f77ecbc81f7e
8
reference_url https://github.com/openstack/neutron/commit/717e3e09556f1fb9a7a420863746fa785eb6c316
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/717e3e09556f1fb9a7a420863746fa785eb6c316
9
reference_url https://github.com/openstack/neutron/commit/733ef4f2d8c2a3734c360d1c1dd3a6fcd600cb8c
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/733ef4f2d8c2a3734c360d1c1dd3a6fcd600cb8c
10
reference_url https://github.com/openstack/neutron/commit/cbeee87fa44cd200d4997e02042098460167dce1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/cbeee87fa44cd200d4997e02042098460167dce1
11
reference_url https://github.com/openstack/neutron/commit/d0e1b54fb1de932b2b30ab4269cf5789632df476
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/d0e1b54fb1de932b2b30ab4269cf5789632df476
12
reference_url https://github.com/openstack/neutron/commit/fd7fb0e9d8c602380f54975367d935ab69e10c05
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/fd7fb0e9d8c602380f54975367d935ab69e10c05
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027150
reference_id 1027150
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027150
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3277
reference_id CVE-2022-3277
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3277
15
reference_url https://github.com/advisories/GHSA-w446-h7vg-wv3p
reference_id GHSA-w446-h7vg-wv3p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w446-h7vg-wv3p
16
reference_url https://access.redhat.com/errata/RHSA-2022:8855
reference_id RHSA-2022:8855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8855
17
reference_url https://access.redhat.com/errata/RHSA-2022:8870
reference_id RHSA-2022:8870
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8870
18
reference_url https://access.redhat.com/errata/RHSA-2023:0275
reference_id RHSA-2023:0275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0275
19
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:pypi/neutron@18.6.0
purl pkg:pypi/neutron@18.6.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.6.0
1
url pkg:pypi/neutron@19.5.0
purl pkg:pypi/neutron@19.5.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@19.5.0
2
url pkg:pypi/neutron@20.3.0
purl pkg:pypi/neutron@20.3.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@20.3.0
3
url pkg:pypi/neutron@21.0.0.0rc1
purl pkg:pypi/neutron@21.0.0.0rc1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-ydug-1dq5-aya1
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@21.0.0.0rc1
aliases CVE-2022-3277, GHSA-w446-h7vg-wv3p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qua4-h1r7-a7b7
Risk_score3.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/neutron@20.3.0