Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
Typedeb
Namespacedebian
Nameneutron
Version2:21.0.0-7
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2:25.0.0-2
Latest_non_vulnerable_version2:28.0.0-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-26nq-rncj-qbbv
vulnerability_id VCID-26nq-rncj-qbbv
summary openstack-neutron: regression of fix for CVE-2013-6433
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1339.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1339.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3632.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3632.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3632
reference_id
reference_type
scores
0
value 0.01213
scoring_system epss
scoring_elements 0.79027
published_at 2026-04-21T12:55:00Z
1
value 0.01213
scoring_system epss
scoring_elements 0.78956
published_at 2026-04-01T12:55:00Z
2
value 0.01213
scoring_system epss
scoring_elements 0.78962
published_at 2026-04-02T12:55:00Z
3
value 0.01213
scoring_system epss
scoring_elements 0.78989
published_at 2026-04-04T12:55:00Z
4
value 0.01213
scoring_system epss
scoring_elements 0.78974
published_at 2026-04-07T12:55:00Z
5
value 0.01213
scoring_system epss
scoring_elements 0.78998
published_at 2026-04-08T12:55:00Z
6
value 0.01213
scoring_system epss
scoring_elements 0.79004
published_at 2026-04-09T12:55:00Z
7
value 0.01213
scoring_system epss
scoring_elements 0.79028
published_at 2026-04-18T12:55:00Z
8
value 0.01213
scoring_system epss
scoring_elements 0.79013
published_at 2026-04-12T12:55:00Z
9
value 0.01213
scoring_system epss
scoring_elements 0.79003
published_at 2026-04-13T12:55:00Z
10
value 0.01213
scoring_system epss
scoring_elements 0.79031
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3632
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1140949
reference_id 1140949
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1140949
4
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3632
reference_id CVE-2014-3632
reference_type
scores
0
value 7.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:C/I:C/A:C
url https://nvd.nist.gov/vuln/detail/CVE-2014-3632
6
reference_url https://access.redhat.com/errata/RHSA-2014:1339
reference_id RHSA-2014:1339
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1339
fixed_packages
0
url pkg:deb/debian/neutron@0?distro=trixie
purl pkg:deb/debian/neutron@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@0%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-3632
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-26nq-rncj-qbbv
1
url VCID-4fyj-d9qy-fffp
vulnerability_id VCID-4fyj-d9qy-fffp
summary An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:0879
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0879
1
reference_url https://access.redhat.com/errata/RHSA-2019:0935
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0935
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10876.json
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10876.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-10876
reference_id
reference_type
scores
0
value 0.00624
scoring_system epss
scoring_elements 0.70094
published_at 2026-04-07T12:55:00Z
1
value 0.00624
scoring_system epss
scoring_elements 0.70185
published_at 2026-04-21T12:55:00Z
2
value 0.00624
scoring_system epss
scoring_elements 0.70206
published_at 2026-04-18T12:55:00Z
3
value 0.00624
scoring_system epss
scoring_elements 0.70196
published_at 2026-04-16T12:55:00Z
4
value 0.00624
scoring_system epss
scoring_elements 0.70102
published_at 2026-04-02T12:55:00Z
5
value 0.00624
scoring_system epss
scoring_elements 0.70117
published_at 2026-04-04T12:55:00Z
6
value 0.00624
scoring_system epss
scoring_elements 0.70141
published_at 2026-04-08T12:55:00Z
7
value 0.00624
scoring_system epss
scoring_elements 0.7009
published_at 2026-04-01T12:55:00Z
8
value 0.00624
scoring_system epss
scoring_elements 0.70154
published_at 2026-04-13T12:55:00Z
9
value 0.00624
scoring_system epss
scoring_elements 0.70166
published_at 2026-04-12T12:55:00Z
10
value 0.00624
scoring_system epss
scoring_elements 0.70181
published_at 2026-04-11T12:55:00Z
11
value 0.00624
scoring_system epss
scoring_elements 0.70157
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-10876
4
reference_url https://bugs.launchpad.net/ossa/+bug/1813007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/ossa/+bug/1813007
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10876
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10876
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-189.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-189.yaml
9
reference_url https://review.openstack.org/#/q/topic:bug/1813007
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/q/topic:bug/1813007
10
reference_url https://security.openstack.org/ossa/OSSA-2019-002.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2019-002.html
11
reference_url http://www.openwall.com/lists/oss-security/2019/04/09/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/04/09/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1695883
reference_id 1695883
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1695883
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926502
reference_id 926502
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=926502
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-10876
reference_id CVE-2019-10876
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:P/I:N/A:N
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-10876
18
reference_url https://github.com/advisories/GHSA-jr9m-v5qh-mh2j
reference_id GHSA-jr9m-v5qh-mh2j
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-jr9m-v5qh-mh2j
fixed_packages
0
url pkg:deb/debian/neutron@2:13.0.2-15?distro=trixie
purl pkg:deb/debian/neutron@2:13.0.2-15?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.2-15%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2019-10876, GHSA-jr9m-v5qh-mh2j, PYSEC-2019-189
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4fyj-d9qy-fffp
2
url VCID-57rk-q94h-3kgz
vulnerability_id VCID-57rk-q94h-3kgz
summary When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2710
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2710
1
reference_url https://access.redhat.com/errata/RHSA-2018:2715
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2715
2
reference_url https://access.redhat.com/errata/RHSA-2018:2721
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2721
3
reference_url https://access.redhat.com/errata/RHSA-2018:3792
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3792
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14635.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14635.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14635
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.53891
published_at 2026-04-11T12:55:00Z
1
value 0.00306
scoring_system epss
scoring_elements 0.53873
published_at 2026-04-12T12:55:00Z
2
value 0.00306
scoring_system epss
scoring_elements 0.53857
published_at 2026-04-13T12:55:00Z
3
value 0.00306
scoring_system epss
scoring_elements 0.53896
published_at 2026-04-16T12:55:00Z
4
value 0.00306
scoring_system epss
scoring_elements 0.539
published_at 2026-04-18T12:55:00Z
5
value 0.00306
scoring_system epss
scoring_elements 0.53881
published_at 2026-04-21T12:55:00Z
6
value 0.00306
scoring_system epss
scoring_elements 0.53845
published_at 2026-04-08T12:55:00Z
7
value 0.00306
scoring_system epss
scoring_elements 0.53819
published_at 2026-04-04T12:55:00Z
8
value 0.00306
scoring_system epss
scoring_elements 0.53793
published_at 2026-04-07T12:55:00Z
9
value 0.00306
scoring_system epss
scoring_elements 0.53773
published_at 2026-04-01T12:55:00Z
10
value 0.00306
scoring_system epss
scoring_elements 0.53843
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14635
6
reference_url https://bugs.launchpad.net/neutron/+bug/1757482
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1757482
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14635
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14635
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14635
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14635
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
11
reference_url https://github.com/openstack/neutron/commit/54aa6e81cb17b33ce4d5d469cc11dec2869c762d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/54aa6e81cb17b33ce4d5d469cc11dec2869c762d
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-93.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-93.yaml
13
reference_url https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1607822
reference_id 1607822
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1607822
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14635
reference_id CVE-2018-14635
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14635
16
reference_url https://github.com/advisories/GHSA-x634-34m9-96mp
reference_id GHSA-x634-34m9-96mp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x634-34m9-96mp
fixed_packages
0
url pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2018-14635, GHSA-x634-34m9-96mp, PYSEC-2018-93
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57rk-q94h-3kgz
3
url VCID-5j9j-5nv7-wyem
vulnerability_id VCID-5j9j-5nv7-wyem
summary openstack-neutron: security groups bypass through invalid CIDR
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0187.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0187.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0187
reference_id
reference_type
scores
0
value 0.0049
scoring_system epss
scoring_elements 0.65496
published_at 2026-04-01T12:55:00Z
1
value 0.0049
scoring_system epss
scoring_elements 0.65545
published_at 2026-04-02T12:55:00Z
2
value 0.0049
scoring_system epss
scoring_elements 0.65575
published_at 2026-04-04T12:55:00Z
3
value 0.0049
scoring_system epss
scoring_elements 0.65541
published_at 2026-04-07T12:55:00Z
4
value 0.0049
scoring_system epss
scoring_elements 0.65593
published_at 2026-04-08T12:55:00Z
5
value 0.0049
scoring_system epss
scoring_elements 0.65605
published_at 2026-04-09T12:55:00Z
6
value 0.0049
scoring_system epss
scoring_elements 0.65624
published_at 2026-04-11T12:55:00Z
7
value 0.0049
scoring_system epss
scoring_elements 0.65611
published_at 2026-04-12T12:55:00Z
8
value 0.0049
scoring_system epss
scoring_elements 0.65582
published_at 2026-04-13T12:55:00Z
9
value 0.0049
scoring_system epss
scoring_elements 0.65618
published_at 2026-04-16T12:55:00Z
10
value 0.0049
scoring_system epss
scoring_elements 0.6563
published_at 2026-04-18T12:55:00Z
11
value 0.0049
scoring_system epss
scoring_elements 0.65613
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0187
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0187
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0187
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1090132
reference_id 1090132
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1090132
4
reference_url https://access.redhat.com/errata/RHSA-2014:0899
reference_id RHSA-2014:0899
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0899
5
reference_url https://usn.ubuntu.com/2255-1/
reference_id USN-2255-1
reference_type
scores
url https://usn.ubuntu.com/2255-1/
fixed_packages
0
url pkg:deb/debian/neutron@2014.1.2-1?distro=trixie
purl pkg:deb/debian/neutron@2014.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-0187
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5j9j-5nv7-wyem
4
url VCID-6j79-2nz1-53cs
vulnerability_id VCID-6j79-2nz1-53cs
summary 
OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1473
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1473
1
reference_url https://access.redhat.com/errata/RHSA-2016:1474
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1474
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5362.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5362.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5362
reference_id
reference_type
scores
0
value 0.0631
scoring_system epss
scoring_elements 0.90967
published_at 2026-04-12T12:55:00Z
1
value 0.0631
scoring_system epss
scoring_elements 0.90989
published_at 2026-04-18T12:55:00Z
2
value 0.0631
scoring_system epss
scoring_elements 0.90991
published_at 2026-04-21T12:55:00Z
3
value 0.0631
scoring_system epss
scoring_elements 0.90915
published_at 2026-04-01T12:55:00Z
4
value 0.0631
scoring_system epss
scoring_elements 0.90966
published_at 2026-04-13T12:55:00Z
5
value 0.0631
scoring_system epss
scoring_elements 0.90957
published_at 2026-04-09T12:55:00Z
6
value 0.0631
scoring_system epss
scoring_elements 0.90951
published_at 2026-04-08T12:55:00Z
7
value 0.0631
scoring_system epss
scoring_elements 0.9094
published_at 2026-04-07T12:55:00Z
8
value 0.0631
scoring_system epss
scoring_elements 0.90929
published_at 2026-04-04T12:55:00Z
9
value 0.0631
scoring_system epss
scoring_elements 0.9092
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5362
4
reference_url https://bugs.launchpad.net/neutron/+bug/1558658
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1558658
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5362
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5362
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://review.openstack.org/#/c/300202
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/300202
9
reference_url https://review.openstack.org/#/c/300202/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/300202/
10
reference_url https://review.openstack.org/#/c/303563
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/303563
11
reference_url https://review.openstack.org/#/c/303563/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/303563/
12
reference_url https://review.openstack.org/#/c/303572
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/303572
13
reference_url https://review.openstack.org/#/c/303572/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/303572/
14
reference_url https://security.openstack.org/ossa/OSSA-2016-009.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-009.html
15
reference_url http://www.openwall.com/lists/oss-security/2016/06/10/5
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/10/5
16
reference_url http://www.openwall.com/lists/oss-security/2016/06/10/6
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/10/6
17
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1345889
reference_id 1345889
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1345889
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5362
reference_id CVE-2016-5362
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:P
1
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5362
20
reference_url https://github.com/advisories/GHSA-qpwc-p365-pqrr
reference_id GHSA-qpwc-p365-pqrr
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-qpwc-p365-pqrr
fixed_packages
0
url pkg:deb/debian/neutron@2:8.1.2-1?distro=trixie
purl pkg:deb/debian/neutron@2:8.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:8.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2016-5362, GHSA-qpwc-p365-pqrr
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6j79-2nz1-53cs
5
url VCID-7sem-1dhy-vbdw
vulnerability_id VCID-7sem-1dhy-vbdw
summary 
OpenStack Neutron Intended MAC-spoofing protection mechanism bypass
The IPTables firewall in OpenStack Neutron up to 7.0.4 and 8.x before 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1473
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1473
1
reference_url https://access.redhat.com/errata/RHSA-2016:1474
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1474
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5363.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-5363.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2016-5363
reference_id
reference_type
scores
0
value 0.04749
scoring_system epss
scoring_elements 0.89436
published_at 2026-04-12T12:55:00Z
1
value 0.04749
scoring_system epss
scoring_elements 0.89438
published_at 2026-04-11T12:55:00Z
2
value 0.04749
scoring_system epss
scoring_elements 0.89429
published_at 2026-04-09T12:55:00Z
3
value 0.04749
scoring_system epss
scoring_elements 0.89425
published_at 2026-04-08T12:55:00Z
4
value 0.04749
scoring_system epss
scoring_elements 0.89409
published_at 2026-04-07T12:55:00Z
5
value 0.04749
scoring_system epss
scoring_elements 0.89407
published_at 2026-04-04T12:55:00Z
6
value 0.04749
scoring_system epss
scoring_elements 0.89397
published_at 2026-04-02T12:55:00Z
7
value 0.04749
scoring_system epss
scoring_elements 0.89392
published_at 2026-04-01T12:55:00Z
8
value 0.04749
scoring_system epss
scoring_elements 0.89446
published_at 2026-04-21T12:55:00Z
9
value 0.04749
scoring_system epss
scoring_elements 0.89448
published_at 2026-04-18T12:55:00Z
10
value 0.04749
scoring_system epss
scoring_elements 0.89447
published_at 2026-04-16T12:55:00Z
11
value 0.04749
scoring_system epss
scoring_elements 0.89432
published_at 2026-04-13T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2016-5363
4
reference_url https://bugs.launchpad.net/neutron/+bug/1558658
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1558658
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5363
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5363
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/openstack/neutron/commit/5853af9cba6733725d6c9ac0db644f426713f0cf
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/5853af9cba6733725d6c9ac0db644f426713f0cf
9
reference_url https://github.com/openstack/neutron/commit/6a93ee8ac1a901c255e3475a24f1afc11d8bf80f
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/6a93ee8ac1a901c255e3475a24f1afc11d8bf80f
10
reference_url https://github.com/openstack/neutron/commit/997d7b03fb7f5528f0a3ce70867b9dcd9321509e
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/997d7b03fb7f5528f0a3ce70867b9dcd9321509e
11
reference_url https://github.com/openstack/neutron/commit/fd5fd259a02156babdfcb12f66cde6ec9e7274ae
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/fd5fd259a02156babdfcb12f66cde6ec9e7274ae
12
reference_url https://review.openstack.org/#/c/299021
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/299021
13
reference_url https://review.openstack.org/#/c/299021/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/299021/
14
reference_url https://review.openstack.org/#/c/299023
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/299023
15
reference_url https://review.openstack.org/#/c/299023/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/299023/
16
reference_url https://review.openstack.org/#/c/299025
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/299025
17
reference_url https://review.openstack.org/#/c/299025/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/299025/
18
reference_url https://security.openstack.org/ossa/OSSA-2016-009.html
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-009.html
19
reference_url http://www.openwall.com/lists/oss-security/2016/06/10/5
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/10/5
20
reference_url http://www.openwall.com/lists/oss-security/2016/06/10/6
reference_id
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
1
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/10/6
21
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1345891
reference_id 1345891
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1345891
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:7.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.0:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:7.0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.1:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:7.0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.2:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:7.0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.3:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:7.0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:7.0.4:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:8.0.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:8.0.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:8.0.0:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:8.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:8.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:8.1.0:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5363
reference_id CVE-2016-5363
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:P
1
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
2
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
3
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2016-5363
30
reference_url https://github.com/advisories/GHSA-9pp3-cvmq-9p22
reference_id GHSA-9pp3-cvmq-9p22
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9pp3-cvmq-9p22
fixed_packages
0
url pkg:deb/debian/neutron@2:8.1.2-1?distro=trixie
purl pkg:deb/debian/neutron@2:8.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:8.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2016-5363, GHSA-9pp3-cvmq-9p22
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7sem-1dhy-vbdw
6
url VCID-9urm-66y7-s3hs
vulnerability_id VCID-9urm-66y7-s3hs
summary 
OpenStack Neutron allows remote authenticated users to cause a denial of service
OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (crash or long firewall rule updates) by creating a large number of allowed address pairs.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2014-July/000255.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1119.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1119.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1120.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-1120.html
3
reference_url https://access.redhat.com/errata/RHSA-2014:1078
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1078
4
reference_url https://access.redhat.com/errata/RHSA-2014:1119
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1119
5
reference_url https://access.redhat.com/errata/RHSA-2014:1120
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:1120
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3555.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-3555.json
7
reference_url https://access.redhat.com/security/cve/CVE-2014-3555
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-3555
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-3555
reference_id
reference_type
scores
0
value 0.00931
scoring_system epss
scoring_elements 0.76156
published_at 2026-04-18T12:55:00Z
1
value 0.00931
scoring_system epss
scoring_elements 0.76085
published_at 2026-04-04T12:55:00Z
2
value 0.00931
scoring_system epss
scoring_elements 0.76066
published_at 2026-04-07T12:55:00Z
3
value 0.00931
scoring_system epss
scoring_elements 0.76099
published_at 2026-04-08T12:55:00Z
4
value 0.00931
scoring_system epss
scoring_elements 0.76113
published_at 2026-04-09T12:55:00Z
5
value 0.00931
scoring_system epss
scoring_elements 0.76139
published_at 2026-04-21T12:55:00Z
6
value 0.00931
scoring_system epss
scoring_elements 0.76115
published_at 2026-04-12T12:55:00Z
7
value 0.00931
scoring_system epss
scoring_elements 0.76112
published_at 2026-04-13T12:55:00Z
8
value 0.00931
scoring_system epss
scoring_elements 0.76153
published_at 2026-04-16T12:55:00Z
9
value 0.00931
scoring_system epss
scoring_elements 0.7605
published_at 2026-04-01T12:55:00Z
10
value 0.00931
scoring_system epss
scoring_elements 0.76053
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-3555
9
reference_url https://bugs.launchpad.net/neutron/+bug/1336207
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1336207
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1118833
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1118833
11
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3555
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3555
12
reference_url http://seclists.org/oss-sec/2014/q3/200
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://seclists.org/oss-sec/2014/q3/200
13
reference_url http://secunia.com/advisories/60766
reference_id
reference_type
scores
url http://secunia.com/advisories/60766
14
reference_url http://secunia.com/advisories/60804
reference_id
reference_type
scores
url http://secunia.com/advisories/60804
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-3555
reference_id
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-3555
16
reference_url https://opendev.org/openstack/neutron
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/neutron
17
reference_url https://web.archive.org/web/20200228142429/http://www.securityfocus.com/bid/68765
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228142429/http://www.securityfocus.com/bid/68765
18
reference_url http://www.securityfocus.com/bid/68765
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68765
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755134
reference_id 755134
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=755134
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2013.2.4:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:juno-1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:juno-1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:juno-1:*:*:*:*:*:*:*
24
reference_url https://github.com/advisories/GHSA-4pmp-38hf-rmwj
reference_id GHSA-4pmp-38hf-rmwj
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-4pmp-38hf-rmwj
25
reference_url https://usn.ubuntu.com/2321-1/
reference_id USN-2321-1
reference_type
scores
url https://usn.ubuntu.com/2321-1/
fixed_packages
0
url pkg:deb/debian/neutron@2014.1.1-3?distro=trixie
purl pkg:deb/debian/neutron@2014.1.1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1.1-3%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-3555, GHSA-4pmp-38hf-rmwj
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9urm-66y7-s3hs
7
url VCID-b3pu-ncrc-wbhn
vulnerability_id VCID-b3pu-ncrc-wbhn
summary An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.)
references
0
reference_url https://access.redhat.com/errata/RHSA-2019:0879
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0879
1
reference_url https://access.redhat.com/errata/RHSA-2019:0916
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0916
2
reference_url https://access.redhat.com/errata/RHSA-2019:0935
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2019:0935
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9735.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9735.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-9735
reference_id
reference_type
scores
0
value 0.01892
scoring_system epss
scoring_elements 0.83233
published_at 2026-04-21T12:55:00Z
1
value 0.01892
scoring_system epss
scoring_elements 0.83126
published_at 2026-04-01T12:55:00Z
2
value 0.01892
scoring_system epss
scoring_elements 0.83143
published_at 2026-04-02T12:55:00Z
3
value 0.01892
scoring_system epss
scoring_elements 0.83157
published_at 2026-04-04T12:55:00Z
4
value 0.01892
scoring_system epss
scoring_elements 0.83156
published_at 2026-04-07T12:55:00Z
5
value 0.01892
scoring_system epss
scoring_elements 0.8318
published_at 2026-04-08T12:55:00Z
6
value 0.01892
scoring_system epss
scoring_elements 0.83187
published_at 2026-04-09T12:55:00Z
7
value 0.01892
scoring_system epss
scoring_elements 0.83203
published_at 2026-04-11T12:55:00Z
8
value 0.01892
scoring_system epss
scoring_elements 0.83197
published_at 2026-04-12T12:55:00Z
9
value 0.01892
scoring_system epss
scoring_elements 0.83193
published_at 2026-04-13T12:55:00Z
10
value 0.01892
scoring_system epss
scoring_elements 0.8323
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-9735
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9735
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9735
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-190.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2019-190.yaml
9
reference_url https://launchpad.net/bugs/1818385
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1818385
10
reference_url https://seclists.org/bugtraq/2019/Mar/24
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://seclists.org/bugtraq/2019/Mar/24
11
reference_url https://security.openstack.org/ossa/OSSA-2019-001.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2019-001.html
12
reference_url https://usn.ubuntu.com/4036-1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://usn.ubuntu.com/4036-1
13
reference_url https://usn.ubuntu.com/4036-1/
reference_id
reference_type
scores
url https://usn.ubuntu.com/4036-1/
14
reference_url https://web.archive.org/web/20201208185619/http://www.securityfocus.com/bid/107390
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20201208185619/http://www.securityfocus.com/bid/107390
15
reference_url https://www.debian.org/security/2019/dsa-4409
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2019/dsa-4409
16
reference_url http://www.openwall.com/lists/oss-security/2019/03/18/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2019/03/18/2
17
reference_url http://www.securityfocus.com/bid/107390
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/107390
18
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1690745
reference_id 1690745
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1690745
19
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924508
reference_id 924508
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924508
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:14:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_id cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/detail/CVE-2019-9735
reference_id CVE-2019-9735
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
1
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
3
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
4
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2019-9735
26
reference_url https://github.com/advisories/GHSA-9773-3fqg-8w25
reference_id GHSA-9773-3fqg-8w25
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-9773-3fqg-8w25
fixed_packages
0
url pkg:deb/debian/neutron@2:13.0.2-13?distro=trixie
purl pkg:deb/debian/neutron@2:13.0.2-13?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.2-13%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2019-9735, GHSA-9773-3fqg-8w25, PYSEC-2019-190
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b3pu-ncrc-wbhn
8
url VCID-ba8p-f96g-aqc3
vulnerability_id VCID-ba8p-f96g-aqc3
summary Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14636.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14636
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42352
published_at 2026-04-21T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42422
published_at 2026-04-18T12:55:00Z
2
value 0.00203
scoring_system epss
scoring_elements 0.42448
published_at 2026-04-16T12:55:00Z
3
value 0.00203
scoring_system epss
scoring_elements 0.42443
published_at 2026-04-09T12:55:00Z
4
value 0.00203
scoring_system epss
scoring_elements 0.42399
published_at 2026-04-13T12:55:00Z
5
value 0.00203
scoring_system epss
scoring_elements 0.42429
published_at 2026-04-12T12:55:00Z
6
value 0.00203
scoring_system epss
scoring_elements 0.42466
published_at 2026-04-11T12:55:00Z
7
value 0.00203
scoring_system epss
scoring_elements 0.42347
published_at 2026-04-01T12:55:00Z
8
value 0.00203
scoring_system epss
scoring_elements 0.42418
published_at 2026-04-02T12:55:00Z
9
value 0.00203
scoring_system epss
scoring_elements 0.42447
published_at 2026-04-04T12:55:00Z
10
value 0.00203
scoring_system epss
scoring_elements 0.42385
published_at 2026-04-07T12:55:00Z
11
value 0.00203
scoring_system epss
scoring_elements 0.42436
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14636
2
reference_url https://bugs.launchpad.net/neutron/+bug/1734320
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1734320
3
reference_url https://bugs.launchpad.net/neutron/+bug/1767422
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1767422
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14636
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1594977
reference_id 1594977
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1594977
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14636
reference_id CVE-2018-14636
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14636
11
reference_url https://github.com/advisories/GHSA-8q95-jj7p-x93x
reference_id GHSA-8q95-jj7p-x93x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8q95-jj7p-x93x
fixed_packages
0
url pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2018-14636, GHSA-8q95-jj7p-x93x, PYSEC-2018-94
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ba8p-f96g-aqc3
9
url VCID-cy6c-1e49-27cz
vulnerability_id VCID-cy6c-1e49-27cz
summary pycadf: token leak to message queue
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1050.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1050.html
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4615.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4615.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4615
reference_id
reference_type
scores
0
value 0.0075
scoring_system epss
scoring_elements 0.73177
published_at 2026-04-21T12:55:00Z
1
value 0.0075
scoring_system epss
scoring_elements 0.7308
published_at 2026-04-01T12:55:00Z
2
value 0.0075
scoring_system epss
scoring_elements 0.7309
published_at 2026-04-02T12:55:00Z
3
value 0.0075
scoring_system epss
scoring_elements 0.73111
published_at 2026-04-04T12:55:00Z
4
value 0.0075
scoring_system epss
scoring_elements 0.73085
published_at 2026-04-07T12:55:00Z
5
value 0.0075
scoring_system epss
scoring_elements 0.73121
published_at 2026-04-08T12:55:00Z
6
value 0.0075
scoring_system epss
scoring_elements 0.73134
published_at 2026-04-09T12:55:00Z
7
value 0.0075
scoring_system epss
scoring_elements 0.73159
published_at 2026-04-11T12:55:00Z
8
value 0.0075
scoring_system epss
scoring_elements 0.73138
published_at 2026-04-12T12:55:00Z
9
value 0.0075
scoring_system epss
scoring_elements 0.73132
published_at 2026-04-13T12:55:00Z
10
value 0.0075
scoring_system epss
scoring_elements 0.73175
published_at 2026-04-16T12:55:00Z
11
value 0.0075
scoring_system epss
scoring_elements 0.73185
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4615
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4615
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4615
4
reference_url http://secunia.com/advisories/60643
reference_id
reference_type
scores
url http://secunia.com/advisories/60643
5
reference_url http://secunia.com/advisories/60736
reference_id
reference_type
scores
url http://secunia.com/advisories/60736
6
reference_url http://secunia.com/advisories/60766
reference_id
reference_type
scores
url http://secunia.com/advisories/60766
7
reference_url http://www.openwall.com/lists/oss-security/2014/06/23/8
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/06/23/8
8
reference_url http://www.openwall.com/lists/oss-security/2014/06/24/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/06/24/6
9
reference_url http://www.openwall.com/lists/oss-security/2014/06/25/6
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/06/25/6
10
reference_url http://www.securityfocus.com/bid/68149
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/68149
11
reference_url http://www.ubuntu.com/usn/USN-2311-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2311-1
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1112945
reference_id 1112945
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1112945
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:juno1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:juno1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:juno1:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:oslo:-:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:oslo:-:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:oslo:-:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:*:*:*:*:*:*:*:*
18
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1:*:*:*:*:*:*:*
19
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.1:*:*:*:*:*:*:*
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.2:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.3:*:*:*:*:*:*:*
22
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.4:*:*:*:*:*:*:*
23
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.5:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.5:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.5:*:*:*:*:*:*:*
24
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.6:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.6:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.6:*:*:*:*:*:*:*
25
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.7:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.7:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.7:*:*:*:*:*:*:*
26
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.8:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.8:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.8:*:*:*:*:*:*:*
27
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.9:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.1.9:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.1.9:*:*:*:*:*:*:*
28
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.2:*:*:*:*:*:*:*
29
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.2.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.2.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.2.1:*:*:*:*:*:*:*
30
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.2.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.2.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.2.2:*:*:*:*:*:*:*
31
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.3:*:*:*:*:*:*:*
32
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.3.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.3.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.3.1:*:*:*:*:*:*:*
33
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.4:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.4:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.4:*:*:*:*:*:*:*
34
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.4.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:pycadf:0.4.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:pycadf:0.4.1:*:*:*:*:*:*:*
35
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:telemetry_\(ceilometer\):2013.2:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:telemetry_\(ceilometer\):2013.2:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:telemetry_\(ceilometer\):2013.2:*:*:*:*:*:*:*
36
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:telemetry_\(ceilometer\):2014.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:telemetry_\(ceilometer\):2014.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:telemetry_\(ceilometer\):2014.1:*:*:*:*:*:*:*
37
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
38
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
39
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4615
reference_id CVE-2014-4615
reference_type
scores
0
value 5.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-4615
40
reference_url https://access.redhat.com/errata/RHSA-2014:1050
reference_id RHSA-2014:1050
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1050
41
reference_url https://usn.ubuntu.com/2311-1/
reference_id USN-2311-1
reference_type
scores
url https://usn.ubuntu.com/2311-1/
42
reference_url https://usn.ubuntu.com/2311-2/
reference_id USN-2311-2
reference_type
scores
url https://usn.ubuntu.com/2311-2/
43
reference_url https://usn.ubuntu.com/2321-1/
reference_id USN-2321-1
reference_type
scores
url https://usn.ubuntu.com/2321-1/
fixed_packages
0
url pkg:deb/debian/neutron@2014.1.2-1?distro=trixie
purl pkg:deb/debian/neutron@2014.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-4615
risk_score 2.2
exploitability 0.5
weighted_severity 4.5
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cy6c-1e49-27cz
10
url VCID-d7zk-1d89-dbbw
vulnerability_id VCID-d7zk-1d89-dbbw
summary 
OpenStack Neutron can use an incorrect ID during policy enforcement
In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subjected to the proper policy authorization check. This affects 23 before 23.2.1, 24 before 24.0.2, and 25 before 25.0.1.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53916.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2024-53916.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-53916
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.33868
published_at 2026-04-21T12:55:00Z
1
value 0.00138
scoring_system epss
scoring_elements 0.339
published_at 2026-04-18T12:55:00Z
2
value 0.00138
scoring_system epss
scoring_elements 0.33877
published_at 2026-04-13T12:55:00Z
3
value 0.00138
scoring_system epss
scoring_elements 0.33915
published_at 2026-04-16T12:55:00Z
4
value 0.00138
scoring_system epss
scoring_elements 0.33901
published_at 2026-04-12T12:55:00Z
5
value 0.00138
scoring_system epss
scoring_elements 0.33943
published_at 2026-04-11T12:55:00Z
6
value 0.00138
scoring_system epss
scoring_elements 0.33944
published_at 2026-04-09T12:55:00Z
7
value 0.00138
scoring_system epss
scoring_elements 0.33913
published_at 2026-04-08T12:55:00Z
8
value 0.00138
scoring_system epss
scoring_elements 0.33871
published_at 2026-04-07T12:55:00Z
9
value 0.00138
scoring_system epss
scoring_elements 0.34016
published_at 2026-04-04T12:55:00Z
10
value 0.00138
scoring_system epss
scoring_elements 0.33985
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-53916
2
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
3
reference_url https://github.com/openstack/neutron/blob/363ffa6e9e1ab5968f87d45bc2f1cb6394f48b9f/neutron/extensions/tagging.py#L138-L232
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:11Z/
url https://github.com/openstack/neutron/blob/363ffa6e9e1ab5968f87d45bc2f1cb6394f48b9f/neutron/extensions/tagging.py#L138-L232
4
reference_url https://nvd.nist.gov/vuln/detail/CVE-2024-53916
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2024-53916
5
reference_url https://review.opendev.org/c/openstack/neutron/+/935883
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:11Z/
url https://review.opendev.org/c/openstack/neutron/+/935883
6
reference_url https://review.opendev.org/q/project:openstack/neutron
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:11Z/
url https://review.opendev.org/q/project:openstack/neutron
7
reference_url https://security.openstack.org/ossa/OSSA-2024-005.html
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-11-27T16:37:11Z/
url https://security.openstack.org/ossa/OSSA-2024-005.html
8
reference_url http://www.openwall.com/lists/oss-security/2024/12/03/1
reference_id
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
1
value 6.9
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2024/12/03/1
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088802
reference_id 1088802
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1088802
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2328595
reference_id 2328595
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2328595
11
reference_url https://github.com/advisories/GHSA-f27h-g923-68hw
reference_id GHSA-f27h-g923-68hw
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-f27h-g923-68hw
fixed_packages
0
url pkg:deb/debian/neutron@0?distro=trixie
purl pkg:deb/debian/neutron@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@0%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:25.0.0-2?distro=trixie
purl pkg:deb/debian/neutron@2:25.0.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:25.0.0-2%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
6
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2024-53916, GHSA-f27h-g923-68hw
risk_score 3.4
exploitability 0.5
weighted_severity 6.8
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-d7zk-1d89-dbbw
11
url VCID-ejd8-7jqx-zbfy
vulnerability_id VCID-ejd8-7jqx-zbfy
summary PackStack: Neutron Security Groups fail to block network traffic
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0071.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0071.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0071
reference_id
reference_type
scores
0
value 0.00124
scoring_system epss
scoring_elements 0.3163
published_at 2026-04-12T12:55:00Z
1
value 0.00124
scoring_system epss
scoring_elements 0.31594
published_at 2026-04-13T12:55:00Z
2
value 0.00124
scoring_system epss
scoring_elements 0.31628
published_at 2026-04-16T12:55:00Z
3
value 0.00124
scoring_system epss
scoring_elements 0.31606
published_at 2026-04-18T12:55:00Z
4
value 0.00124
scoring_system epss
scoring_elements 0.31574
published_at 2026-04-21T12:55:00Z
5
value 0.0019
scoring_system epss
scoring_elements 0.40871
published_at 2026-04-09T12:55:00Z
6
value 0.0019
scoring_system epss
scoring_elements 0.4078
published_at 2026-04-01T12:55:00Z
7
value 0.0019
scoring_system epss
scoring_elements 0.40888
published_at 2026-04-11T12:55:00Z
8
value 0.0019
scoring_system epss
scoring_elements 0.40863
published_at 2026-04-02T12:55:00Z
9
value 0.0019
scoring_system epss
scoring_elements 0.40891
published_at 2026-04-04T12:55:00Z
10
value 0.0019
scoring_system epss
scoring_elements 0.40816
published_at 2026-04-07T12:55:00Z
11
value 0.0019
scoring_system epss
scoring_elements 0.40864
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0071
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0071
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0071
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1064163
reference_id 1064163
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1064163
4
reference_url https://access.redhat.com/errata/RHSA-2014:0233
reference_id RHSA-2014:0233
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0233
fixed_packages
0
url pkg:deb/debian/neutron@2014.1-1?distro=trixie
purl pkg:deb/debian/neutron@2014.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-0071
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejd8-7jqx-zbfy
12
url VCID-f9bx-xknx-6qbv
vulnerability_id VCID-f9bx-xknx-6qbv
summary OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the hardware addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38598.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38598.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38598
reference_id
reference_type
scores
0
value 0.00036
scoring_system epss
scoring_elements 0.10766
published_at 2026-04-21T12:55:00Z
1
value 0.00036
scoring_system epss
scoring_elements 0.1064
published_at 2026-04-18T12:55:00Z
2
value 0.00036
scoring_system epss
scoring_elements 0.10624
published_at 2026-04-16T12:55:00Z
3
value 0.00036
scoring_system epss
scoring_elements 0.1076
published_at 2026-04-13T12:55:00Z
4
value 0.00036
scoring_system epss
scoring_elements 0.10784
published_at 2026-04-12T12:55:00Z
5
value 0.00036
scoring_system epss
scoring_elements 0.10815
published_at 2026-04-11T12:55:00Z
6
value 0.00036
scoring_system epss
scoring_elements 0.10801
published_at 2026-04-09T12:55:00Z
7
value 0.00036
scoring_system epss
scoring_elements 0.10668
published_at 2026-04-07T12:55:00Z
8
value 0.00036
scoring_system epss
scoring_elements 0.10745
published_at 2026-04-08T12:55:00Z
9
value 0.00036
scoring_system epss
scoring_elements 0.10817
published_at 2026-04-04T12:55:00Z
10
value 0.00036
scoring_system epss
scoring_elements 0.10754
published_at 2026-04-02T12:55:00Z
11
value 0.00036
scoring_system epss
scoring_elements 0.10615
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38598
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38598
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-38598
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
5
reference_url https://github.com/openstack/neutron/commit/0a931391d8990f3e654b4bfda24ae4119c609bbf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/0a931391d8990f3e654b4bfda24ae4119c609bbf
6
reference_url https://github.com/openstack/neutron/commit/cc0d28a3e2ccfad6fc2ff24d78f009cbe3992575
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/cc0d28a3e2ccfad6fc2ff24d78f009cbe3992575
7
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-360.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-360.yaml
8
reference_url https://launchpad.net/bugs/1938670
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1938670
9
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-38598
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-38598
10
reference_url https://opendev.org/openstack/neutron/commit/fafa5dacd5057120562184a734e7345e7c0e9639
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/neutron/commit/fafa5dacd5057120562184a734e7345e7c0e9639
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995273
reference_id 1995273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995273
12
reference_url https://github.com/advisories/GHSA-hvm4-mc7m-22w4
reference_id GHSA-hvm4-mc7m-22w4
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvm4-mc7m-22w4
13
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:18.1.0-2?distro=trixie
purl pkg:deb/debian/neutron@2:18.1.0-2?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:18.1.0-2%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2021-38598, GHSA-hvm4-mc7m-22w4, PYSEC-2021-360
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-f9bx-xknx-6qbv
13
url VCID-fqwt-ecwa-1kex
vulnerability_id VCID-fqwt-ecwa-1kex
summary 
OpenStack Neutron Improper Authentication vulnerability
The l3-agent in OpenStack Neutron 2012.2 before 2013.2.3 does not check the tenant id when creating ports, which allows remote authenticated users to plug ports into the routers of arbitrary tenants via the device id in a port-create command.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0516.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0516.html
1
reference_url https://access.redhat.com/errata/RHSA-2014:0516
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2014:0516
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0056.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-0056.json
3
reference_url https://access.redhat.com/security/cve/CVE-2014-0056
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2014-0056
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-0056
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44128
published_at 2026-04-11T12:55:00Z
1
value 0.00216
scoring_system epss
scoring_elements 0.44066
published_at 2026-04-21T12:55:00Z
2
value 0.00216
scoring_system epss
scoring_elements 0.44113
published_at 2026-04-09T12:55:00Z
3
value 0.00216
scoring_system epss
scoring_elements 0.44096
published_at 2026-04-12T12:55:00Z
4
value 0.00216
scoring_system epss
scoring_elements 0.44132
published_at 2026-04-18T12:55:00Z
5
value 0.00216
scoring_system epss
scoring_elements 0.44141
published_at 2026-04-16T12:55:00Z
6
value 0.00216
scoring_system epss
scoring_elements 0.44058
published_at 2026-04-01T12:55:00Z
7
value 0.00216
scoring_system epss
scoring_elements 0.44105
published_at 2026-04-02T12:55:00Z
8
value 0.00216
scoring_system epss
scoring_elements 0.44079
published_at 2026-04-13T12:55:00Z
9
value 0.00216
scoring_system epss
scoring_elements 0.44129
published_at 2026-04-04T12:55:00Z
10
value 0.00216
scoring_system epss
scoring_elements 0.44059
published_at 2026-04-07T12:55:00Z
11
value 0.00216
scoring_system epss
scoring_elements 0.4411
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-0056
5
reference_url https://bugs.launchpad.net/neutron/+bug/1243327
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1243327
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1063141
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1063141
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0056
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0056
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-0056
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2014-0056
9
reference_url https://opendev.org/openstack/neutron
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/neutron
10
reference_url http://www.openwall.com/lists/oss-security/2014/03/27/5
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2014/03/27/5
11
reference_url http://www.ubuntu.com/usn/USN-2194-1
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.ubuntu.com/usn/USN-2194-1
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742800
reference_id 742800
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=742800
13
reference_url https://github.com/advisories/GHSA-72p9-6gc7-q93r
reference_id GHSA-72p9-6gc7-q93r
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-72p9-6gc7-q93r
14
reference_url https://usn.ubuntu.com/2194-1/
reference_id USN-2194-1
reference_type
scores
url https://usn.ubuntu.com/2194-1/
fixed_packages
0
url pkg:deb/debian/neutron@2013.2.2-4?distro=trixie
purl pkg:deb/debian/neutron@2013.2.2-4?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2013.2.2-4%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-0056, GHSA-72p9-6gc7-q93r
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-fqwt-ecwa-1kex
14
url VCID-hcsa-vfvp-buax
vulnerability_id VCID-hcsa-vfvp-buax
summary 
OpenStack Nova Router metadata queries are not restricted by tenant
Interaction error in OpenStack Nova and Neutron before Havana 2013.2.1 and icehouse-1 does not validate the instance ID of the tenant making a request, which allows remote tenants to obtain sensitive metadata by spoofing the device ID that is bound to a port, which is not properly handled by (1) api/metadata/handler.py in Nova and (2) the neutron-metadata-agent (`agent/metadata/agent.py`) in Neutron.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-0091.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0091.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-0231.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2014-0231.html
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6419.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6419.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6419
reference_id
reference_type
scores
0
value 0.00563
scoring_system epss
scoring_elements 0.68401
published_at 2026-04-21T12:55:00Z
1
value 0.00563
scoring_system epss
scoring_elements 0.68306
published_at 2026-04-01T12:55:00Z
2
value 0.00563
scoring_system epss
scoring_elements 0.68326
published_at 2026-04-02T12:55:00Z
3
value 0.00563
scoring_system epss
scoring_elements 0.68345
published_at 2026-04-04T12:55:00Z
4
value 0.00563
scoring_system epss
scoring_elements 0.68322
published_at 2026-04-07T12:55:00Z
5
value 0.00563
scoring_system epss
scoring_elements 0.68373
published_at 2026-04-08T12:55:00Z
6
value 0.00563
scoring_system epss
scoring_elements 0.6839
published_at 2026-04-09T12:55:00Z
7
value 0.00563
scoring_system epss
scoring_elements 0.68417
published_at 2026-04-11T12:55:00Z
8
value 0.00563
scoring_system epss
scoring_elements 0.68404
published_at 2026-04-12T12:55:00Z
9
value 0.00563
scoring_system epss
scoring_elements 0.68372
published_at 2026-04-13T12:55:00Z
10
value 0.00563
scoring_system epss
scoring_elements 0.6841
published_at 2026-04-16T12:55:00Z
11
value 0.00563
scoring_system epss
scoring_elements 0.68423
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6419
4
reference_url https://bugs.launchpad.net/neutron/+bug/1235450
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1235450
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6419
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6419
6
reference_url https://github.com/openstack/nova
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova
7
reference_url https://github.com/openstack/nova/commit/07006be9165d1008ca0382b6f0ad25b13a676a55
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/07006be9165d1008ca0382b6f0ad25b13a676a55
8
reference_url https://github.com/openstack/nova/commit/af2f823107010933ecd94a9c938f8b739baaecb7
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/af2f823107010933ecd94a9c938f8b739baaecb7
9
reference_url https://github.com/openstack/nova/commit/bce36e9bdb1fcb9658f7b684d160e656e88d816c
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/nova/commit/bce36e9bdb1fcb9658f7b684d160e656e88d816c
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2013-6419
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2013-6419
11
reference_url https://review.openstack.org/#/c/61428/2/nova/api/metadata/handler.py
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/61428/2/nova/api/metadata/handler.py
12
reference_url https://review.openstack.org/#/c/61439/1/neutron/agent/metadata/agent.py
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/61439/1/neutron/agent/metadata/agent.py
13
reference_url http://www.openwall.com/lists/oss-security/2013/12/11/8
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2013/12/11/8
14
reference_url http://www.securityfocus.com/bid/64250
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://www.securityfocus.com/bid/64250
15
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1039148
reference_id 1039148
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1039148
16
reference_url https://github.com/advisories/GHSA-22w9-j288-8p9w
reference_id GHSA-22w9-j288-8p9w
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-22w9-j288-8p9w
17
reference_url https://access.redhat.com/errata/RHSA-2014:0091
reference_id RHSA-2014:0091
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0091
18
reference_url https://access.redhat.com/errata/RHSA-2014:0231
reference_id RHSA-2014:0231
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0231
fixed_packages
0
url pkg:deb/debian/neutron@2013.2.1-1?distro=trixie
purl pkg:deb/debian/neutron@2013.2.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2013.2.1-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2013-6419, GHSA-22w9-j288-8p9w
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hcsa-vfvp-buax
15
url VCID-kk9h-cvg8-23he
vulnerability_id VCID-kk9h-cvg8-23he
summary openstack-neutron: DoS via maliciously crafted dns_nameservers
references
0
reference_url http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155351.html
reference_id
reference_type
scores
url http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155351.html
1
reference_url http://lists.openstack.org/pipermail/openstack-announce/2014-November/000303.html
reference_id
reference_type
scores
url http://lists.openstack.org/pipermail/openstack-announce/2014-November/000303.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1938.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1938.html
3
reference_url http://rhn.redhat.com/errata/RHSA-2014-1942.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1942.html
4
reference_url http://rhn.redhat.com/errata/RHSA-2015-0044.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2015-0044.html
5
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7821.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-7821.json
6
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-7821
reference_id
reference_type
scores
0
value 0.01861
scoring_system epss
scoring_elements 0.83093
published_at 2026-04-21T12:55:00Z
1
value 0.01861
scoring_system epss
scoring_elements 0.82986
published_at 2026-04-01T12:55:00Z
2
value 0.01861
scoring_system epss
scoring_elements 0.83003
published_at 2026-04-02T12:55:00Z
3
value 0.01861
scoring_system epss
scoring_elements 0.83016
published_at 2026-04-04T12:55:00Z
4
value 0.01861
scoring_system epss
scoring_elements 0.83014
published_at 2026-04-07T12:55:00Z
5
value 0.01861
scoring_system epss
scoring_elements 0.83038
published_at 2026-04-08T12:55:00Z
6
value 0.01861
scoring_system epss
scoring_elements 0.83046
published_at 2026-04-09T12:55:00Z
7
value 0.01861
scoring_system epss
scoring_elements 0.83061
published_at 2026-04-11T12:55:00Z
8
value 0.01861
scoring_system epss
scoring_elements 0.83055
published_at 2026-04-12T12:55:00Z
9
value 0.01861
scoring_system epss
scoring_elements 0.83051
published_at 2026-04-13T12:55:00Z
10
value 0.01861
scoring_system epss
scoring_elements 0.83089
published_at 2026-04-16T12:55:00Z
11
value 0.01861
scoring_system epss
scoring_elements 0.8309
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-7821
7
reference_url https://bugs.launchpad.net/neutron/+bug/1378450
reference_id
reference_type
scores
url https://bugs.launchpad.net/neutron/+bug/1378450
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7821
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7821
9
reference_url http://secunia.com/advisories/62586
reference_id
reference_type
scores
url http://secunia.com/advisories/62586
10
reference_url https://exchange.xforce.ibmcloud.com/vulnerabilities/98818
reference_id
reference_type
scores
url https://exchange.xforce.ibmcloud.com/vulnerabilities/98818
11
reference_url http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
reference_id
reference_type
scores
url http://www.oracle.com/technetwork/topics/security/bulletinjan2015-2370101.html
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1163457
reference_id 1163457
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1163457
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770431
reference_id 770431
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770431
14
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:redhat:openstack:4.0:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
reference_id cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:fedoraproject:fedora:20:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-7821
reference_id CVE-2014-7821
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-7821
18
reference_url https://access.redhat.com/errata/RHSA-2014:1938
reference_id RHSA-2014:1938
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1938
19
reference_url https://access.redhat.com/errata/RHSA-2014:1942
reference_id RHSA-2014:1942
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1942
20
reference_url https://access.redhat.com/errata/RHSA-2015:0044
reference_id RHSA-2015:0044
reference_type
scores
url https://access.redhat.com/errata/RHSA-2015:0044
fixed_packages
0
url pkg:deb/debian/neutron@2014.1.3-6?distro=trixie
purl pkg:deb/debian/neutron@2014.1.3-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1.3-6%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-7821
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kk9h-cvg8-23he
16
url VCID-kv7h-v2g8-6fdj
vulnerability_id VCID-kv7h-v2g8-6fdj
summary 
OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1473
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1473
1
reference_url https://access.redhat.com/errata/RHSA-2016:1474
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2016:1474
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8914.json
reference_id
reference_type
scores
0
value 6.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8914.json
3
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-8914
reference_id
reference_type
scores
0
value 0.06657
scoring_system epss
scoring_elements 0.91164
published_at 2026-04-01T12:55:00Z
1
value 0.06657
scoring_system epss
scoring_elements 0.91239
published_at 2026-04-21T12:55:00Z
2
value 0.06657
scoring_system epss
scoring_elements 0.91238
published_at 2026-04-16T12:55:00Z
3
value 0.06657
scoring_system epss
scoring_elements 0.91214
published_at 2026-04-13T12:55:00Z
4
value 0.06657
scoring_system epss
scoring_elements 0.91211
published_at 2026-04-11T12:55:00Z
5
value 0.06657
scoring_system epss
scoring_elements 0.91205
published_at 2026-04-09T12:55:00Z
6
value 0.06657
scoring_system epss
scoring_elements 0.91198
published_at 2026-04-08T12:55:00Z
7
value 0.06657
scoring_system epss
scoring_elements 0.91185
published_at 2026-04-07T12:55:00Z
8
value 0.06657
scoring_system epss
scoring_elements 0.91177
published_at 2026-04-04T12:55:00Z
9
value 0.06657
scoring_system epss
scoring_elements 0.91169
published_at 2026-04-02T12:55:00Z
10
value 0.06657
scoring_system epss
scoring_elements 0.91237
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-8914
4
reference_url https://bugs.launchpad.net/neutron/+bug/1502933
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1502933
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8914
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8914
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.8
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:N/C:P/I:P/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/openstack/neutron/commit/1d1159bb2b57f0b4193f8666f53736f05bf7eac9
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/1d1159bb2b57f0b4193f8666f53736f05bf7eac9
9
reference_url https://github.com/openstack/neutron/commit/3e66b1a87544d7a127abceec13bfeacb8f18f7e1
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/3e66b1a87544d7a127abceec13bfeacb8f18f7e1
10
reference_url https://review.openstack.org/#/c/300233
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/300233
11
reference_url https://review.openstack.org/#/c/300233/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/300233/
12
reference_url https://review.openstack.org/#/c/310648
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/310648
13
reference_url https://review.openstack.org/#/c/310648/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/310648/
14
reference_url https://review.openstack.org/#/c/310652
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://review.openstack.org/#/c/310652
15
reference_url https://review.openstack.org/#/c/310652/
reference_id
reference_type
scores
url https://review.openstack.org/#/c/310652/
16
reference_url https://security.openstack.org/ossa/OSSA-2016-009.html
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2016-009.html
17
reference_url http://www.openwall.com/lists/oss-security/2016/06/10/5
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/10/5
18
reference_url http://www.openwall.com/lists/oss-security/2016/06/10/6
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
1
value CRITICAL
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2016/06/10/6
19
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1345892
reference_id 1345892
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1345892
20
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
21
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8914
reference_id CVE-2015-8914
reference_type
scores
0
value 6.4
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:N/C:P/I:N/A:P
1
value 9.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
2
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
3
value CRITICAL
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-8914
22
reference_url https://github.com/advisories/GHSA-3vj4-cvjp-482h
reference_id GHSA-3vj4-cvjp-482h
reference_type
scores
0
value CRITICAL
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-3vj4-cvjp-482h
fixed_packages
0
url pkg:deb/debian/neutron@2:8.1.2-1?distro=trixie
purl pkg:deb/debian/neutron@2:8.1.2-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:8.1.2-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2015-8914, GHSA-3vj4-cvjp-482h
risk_score 4.5
exploitability 0.5
weighted_severity 9.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kv7h-v2g8-6fdj
17
url VCID-m3za-mbev-uuc1
vulnerability_id VCID-m3za-mbev-uuc1
summary openstack-neutron: Admin-only network attributes may be reset to defaults by non-privileged users
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2014-1686.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1686.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2014-1785.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1785.html
2
reference_url http://rhn.redhat.com/errata/RHSA-2014-1786.html
reference_id
reference_type
scores
url http://rhn.redhat.com/errata/RHSA-2014-1786.html
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6414.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-6414.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-6414
reference_id
reference_type
scores
0
value 0.00573
scoring_system epss
scoring_elements 0.68723
published_at 2026-04-21T12:55:00Z
1
value 0.00573
scoring_system epss
scoring_elements 0.68629
published_at 2026-04-01T12:55:00Z
2
value 0.00573
scoring_system epss
scoring_elements 0.68646
published_at 2026-04-02T12:55:00Z
3
value 0.00573
scoring_system epss
scoring_elements 0.68665
published_at 2026-04-04T12:55:00Z
4
value 0.00573
scoring_system epss
scoring_elements 0.68642
published_at 2026-04-07T12:55:00Z
5
value 0.00573
scoring_system epss
scoring_elements 0.68693
published_at 2026-04-08T12:55:00Z
6
value 0.00573
scoring_system epss
scoring_elements 0.68711
published_at 2026-04-09T12:55:00Z
7
value 0.00573
scoring_system epss
scoring_elements 0.68734
published_at 2026-04-16T12:55:00Z
8
value 0.00573
scoring_system epss
scoring_elements 0.68721
published_at 2026-04-12T12:55:00Z
9
value 0.00573
scoring_system epss
scoring_elements 0.68691
published_at 2026-04-13T12:55:00Z
10
value 0.00573
scoring_system epss
scoring_elements 0.68745
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-6414
5
reference_url https://bugs.launchpad.net/neutron/+bug/1357379
reference_id
reference_type
scores
url https://bugs.launchpad.net/neutron/+bug/1357379
6
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6414
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6414
7
reference_url http://secunia.com/advisories/62299
reference_id
reference_type
scores
url http://secunia.com/advisories/62299
8
reference_url http://www.openwall.com/lists/oss-security/2014/09/15/5
reference_id
reference_type
scores
url http://www.openwall.com/lists/oss-security/2014/09/15/5
9
reference_url http://www.ubuntu.com/usn/USN-2408-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2408-1
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1142012
reference_id 1142012
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1142012
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-6414
reference_id CVE-2014-6414
reference_type
scores
0
value 4.0
scoring_system cvssv2
scoring_elements AV:N/AC:L/Au:S/C:N/I:P/A:N
url https://nvd.nist.gov/vuln/detail/CVE-2014-6414
14
reference_url https://access.redhat.com/errata/RHSA-2014:1686
reference_id RHSA-2014:1686
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1686
15
reference_url https://access.redhat.com/errata/RHSA-2014:1785
reference_id RHSA-2014:1785
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1785
16
reference_url https://access.redhat.com/errata/RHSA-2014:1786
reference_id RHSA-2014:1786
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:1786
17
reference_url https://usn.ubuntu.com/2408-1/
reference_id USN-2408-1
reference_type
scores
url https://usn.ubuntu.com/2408-1/
fixed_packages
0
url pkg:deb/debian/neutron@2014.1.3-1?distro=trixie
purl pkg:deb/debian/neutron@2014.1.3-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1.3-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-6414
risk_score 1.8
exploitability 0.5
weighted_severity 3.6
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m3za-mbev-uuc1
18
url VCID-mgz8-9mkb-m3gv
vulnerability_id VCID-mgz8-9mkb-m3gv
summary openstack-neutron: L3-agent denial of service through IPv6 subnet
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4167.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-4167.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-4167
reference_id
reference_type
scores
0
value 0.00558
scoring_system epss
scoring_elements 0.6825
published_at 2026-04-21T12:55:00Z
1
value 0.00558
scoring_system epss
scoring_elements 0.68157
published_at 2026-04-01T12:55:00Z
2
value 0.00558
scoring_system epss
scoring_elements 0.68181
published_at 2026-04-02T12:55:00Z
3
value 0.00558
scoring_system epss
scoring_elements 0.68198
published_at 2026-04-04T12:55:00Z
4
value 0.00558
scoring_system epss
scoring_elements 0.68176
published_at 2026-04-07T12:55:00Z
5
value 0.00558
scoring_system epss
scoring_elements 0.68227
published_at 2026-04-08T12:55:00Z
6
value 0.00558
scoring_system epss
scoring_elements 0.68242
published_at 2026-04-09T12:55:00Z
7
value 0.00558
scoring_system epss
scoring_elements 0.68267
published_at 2026-04-11T12:55:00Z
8
value 0.00558
scoring_system epss
scoring_elements 0.68254
published_at 2026-04-12T12:55:00Z
9
value 0.00558
scoring_system epss
scoring_elements 0.6822
published_at 2026-04-13T12:55:00Z
10
value 0.00558
scoring_system epss
scoring_elements 0.68259
published_at 2026-04-16T12:55:00Z
11
value 0.00558
scoring_system epss
scoring_elements 0.68269
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-4167
2
reference_url https://bugs.launchpad.net/neutron/+bug/1309195
reference_id
reference_type
scores
url https://bugs.launchpad.net/neutron/+bug/1309195
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4167
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4167
4
reference_url http://seclists.org/oss-sec/2014/q2/572
reference_id
reference_type
scores
url http://seclists.org/oss-sec/2014/q2/572
5
reference_url http://secunia.com/advisories/59533
reference_id
reference_type
scores
url http://secunia.com/advisories/59533
6
reference_url http://www.ubuntu.com/usn/USN-2255-1
reference_id
reference_type
scores
url http://www.ubuntu.com/usn/USN-2255-1
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1110139
reference_id 1110139
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1110139
8
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752021
reference_id 752021
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752021
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:*:*:*:*:*:*:*:*
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1:*:*:*:*:*:*:*
11
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.1.1:*:*:*:*:*:*:*
12
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*
13
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_id cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2014-4167
reference_id CVE-2014-4167
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:N/A:P
url https://nvd.nist.gov/vuln/detail/CVE-2014-4167
15
reference_url https://access.redhat.com/errata/RHSA-2014:0899
reference_id RHSA-2014:0899
reference_type
scores
url https://access.redhat.com/errata/RHSA-2014:0899
16
reference_url https://usn.ubuntu.com/2255-1/
reference_id USN-2255-1
reference_type
scores
url https://usn.ubuntu.com/2255-1/
fixed_packages
0
url pkg:deb/debian/neutron@2014.1.1-1?distro=trixie
purl pkg:deb/debian/neutron@2014.1.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1.1-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-4167
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mgz8-9mkb-m3gv
19
url VCID-qua4-h1r7-a7b7
vulnerability_id VCID-qua4-h1r7-a7b7
summary 
openstack-neutron uncontrolled resource consumption flaw
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3277.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2022-3277.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2022-3277
reference_id
reference_type
scores
0
value 0.00402
scoring_system epss
scoring_elements 0.60865
published_at 2026-04-21T12:55:00Z
1
value 0.00546
scoring_system epss
scoring_elements 0.67837
published_at 2026-04-13T12:55:00Z
2
value 0.00546
scoring_system epss
scoring_elements 0.67873
published_at 2026-04-16T12:55:00Z
3
value 0.00546
scoring_system epss
scoring_elements 0.678
published_at 2026-04-02T12:55:00Z
4
value 0.00546
scoring_system epss
scoring_elements 0.67864
published_at 2026-04-09T12:55:00Z
5
value 0.00546
scoring_system epss
scoring_elements 0.6785
published_at 2026-04-08T12:55:00Z
6
value 0.00546
scoring_system epss
scoring_elements 0.67799
published_at 2026-04-07T12:55:00Z
7
value 0.00546
scoring_system epss
scoring_elements 0.67819
published_at 2026-04-04T12:55:00Z
8
value 0.00546
scoring_system epss
scoring_elements 0.67887
published_at 2026-04-11T12:55:00Z
9
value 0.00546
scoring_system epss
scoring_elements 0.67886
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2022-3277
2
reference_url https://bugs.launchpad.net/neutron/+bug/1988026
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T15:54:44Z/
url https://bugs.launchpad.net/neutron/+bug/1988026
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2129193
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
2
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-03-07T15:54:44Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2129193
4
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3277
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3277
5
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
6
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
7
reference_url https://github.com/openstack/neutron/commit/01fc2b9195f999df4d810df4ee63f77ecbc81f7e
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/01fc2b9195f999df4d810df4ee63f77ecbc81f7e
8
reference_url https://github.com/openstack/neutron/commit/717e3e09556f1fb9a7a420863746fa785eb6c316
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/717e3e09556f1fb9a7a420863746fa785eb6c316
9
reference_url https://github.com/openstack/neutron/commit/733ef4f2d8c2a3734c360d1c1dd3a6fcd600cb8c
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/733ef4f2d8c2a3734c360d1c1dd3a6fcd600cb8c
10
reference_url https://github.com/openstack/neutron/commit/cbeee87fa44cd200d4997e02042098460167dce1
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/cbeee87fa44cd200d4997e02042098460167dce1
11
reference_url https://github.com/openstack/neutron/commit/d0e1b54fb1de932b2b30ab4269cf5789632df476
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/d0e1b54fb1de932b2b30ab4269cf5789632df476
12
reference_url https://github.com/openstack/neutron/commit/fd7fb0e9d8c602380f54975367d935ab69e10c05
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/fd7fb0e9d8c602380f54975367d935ab69e10c05
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027150
reference_id 1027150
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1027150
14
reference_url https://nvd.nist.gov/vuln/detail/CVE-2022-3277
reference_id CVE-2022-3277
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2022-3277
15
reference_url https://github.com/advisories/GHSA-w446-h7vg-wv3p
reference_id GHSA-w446-h7vg-wv3p
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w446-h7vg-wv3p
16
reference_url https://access.redhat.com/errata/RHSA-2022:8855
reference_id RHSA-2022:8855
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8855
17
reference_url https://access.redhat.com/errata/RHSA-2022:8870
reference_id RHSA-2022:8870
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:8870
18
reference_url https://access.redhat.com/errata/RHSA-2023:0275
reference_id RHSA-2023:0275
reference_type
scores
url https://access.redhat.com/errata/RHSA-2023:0275
19
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:deb/debian/neutron@2:21.0.0~rc1-3?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0~rc1-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0~rc1-3%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2022-3277, GHSA-w446-h7vg-wv3p
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qua4-h1r7-a7b7
20
url VCID-s58r-txyg-g3aw
vulnerability_id VCID-s58r-txyg-g3aw
summary 
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
A race-condition flaw was discovered in openstack-neutron: following a minor overcloud update, neutron security groups were disabled.
references
0
reference_url https://access.redhat.com/errata/RHSA-2017:2447
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2447
1
reference_url https://access.redhat.com/errata/RHSA-2017:2448
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2448
2
reference_url https://access.redhat.com/errata/RHSA-2017:2449
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2449
3
reference_url https://access.redhat.com/errata/RHSA-2017:2450
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2450
4
reference_url https://access.redhat.com/errata/RHSA-2017:2451
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2451
5
reference_url https://access.redhat.com/errata/RHSA-2017:2452
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2017:2452
6
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7543.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-7543.json
7
reference_url https://access.redhat.com/security/cve/CVE-2017-7543
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2017-7543
8
reference_url https://api.first.org/data/v1/epss?cve=CVE-2017-7543
reference_id
reference_type
scores
0
value 0.00456
scoring_system epss
scoring_elements 0.63901
published_at 2026-04-04T12:55:00Z
1
value 0.00456
scoring_system epss
scoring_elements 0.63938
published_at 2026-04-18T12:55:00Z
2
value 0.00456
scoring_system epss
scoring_elements 0.63813
published_at 2026-04-01T12:55:00Z
3
value 0.00456
scoring_system epss
scoring_elements 0.63859
published_at 2026-04-07T12:55:00Z
4
value 0.00456
scoring_system epss
scoring_elements 0.63874
published_at 2026-04-02T12:55:00Z
5
value 0.00456
scoring_system epss
scoring_elements 0.63928
published_at 2026-04-21T12:55:00Z
6
value 0.00456
scoring_system epss
scoring_elements 0.63892
published_at 2026-04-13T12:55:00Z
7
value 0.00456
scoring_system epss
scoring_elements 0.63925
published_at 2026-04-12T12:55:00Z
8
value 0.00456
scoring_system epss
scoring_elements 0.63939
published_at 2026-04-11T12:55:00Z
9
value 0.00456
scoring_system epss
scoring_elements 0.63926
published_at 2026-04-09T12:55:00Z
10
value 0.00456
scoring_system epss
scoring_elements 0.63909
published_at 2026-04-08T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2017-7543
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1473792
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1473792
10
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543
11
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 2.6
scoring_system cvssv2
scoring_elements AV:N/AC:H/Au:N/C:P/I:N/A:N
1
value 6.1
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
12
reference_url https://opendev.org/openstack/neutron
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/neutron
13
reference_url https://web.archive.org/web/20200227153412/https://www.securityfocus.com/bid/100237
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200227153412/https://www.securityfocus.com/bid/100237
14
reference_url http://www.securityfocus.com/bid/100237
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100237
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7543
reference_id CVE-2017-7543
reference_type
scores
0
value 5.9
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2017-7543
16
reference_url https://github.com/advisories/GHSA-hvxr-2fvv-c3wq
reference_id GHSA-hvxr-2fvv-c3wq
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hvxr-2fvv-c3wq
fixed_packages
0
url pkg:deb/debian/neutron@0?distro=trixie
purl pkg:deb/debian/neutron@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@0%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2017-7543, GHSA-hvxr-2fvv-c3wq
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-s58r-txyg-g3aw
21
url VCID-sh88-99pv-aqac
vulnerability_id VCID-sh88-99pv-aqac
summary A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20267.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20267.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20267
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31507
published_at 2026-04-21T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31521
published_at 2026-04-01T12:55:00Z
2
value 0.00123
scoring_system epss
scoring_elements 0.31658
published_at 2026-04-02T12:55:00Z
3
value 0.00123
scoring_system epss
scoring_elements 0.31702
published_at 2026-04-04T12:55:00Z
4
value 0.00123
scoring_system epss
scoring_elements 0.3152
published_at 2026-04-07T12:55:00Z
5
value 0.00123
scoring_system epss
scoring_elements 0.31573
published_at 2026-04-08T12:55:00Z
6
value 0.00123
scoring_system epss
scoring_elements 0.31603
published_at 2026-04-09T12:55:00Z
7
value 0.00123
scoring_system epss
scoring_elements 0.31608
published_at 2026-04-11T12:55:00Z
8
value 0.00123
scoring_system epss
scoring_elements 0.31565
published_at 2026-04-12T12:55:00Z
9
value 0.00123
scoring_system epss
scoring_elements 0.31528
published_at 2026-04-13T12:55:00Z
10
value 0.00123
scoring_system epss
scoring_elements 0.31562
published_at 2026-04-16T12:55:00Z
11
value 0.00123
scoring_system epss
scoring_elements 0.3154
published_at 2026-04-18T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20267
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1934330
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1934330
3
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20267
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20267
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-136.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-136.yaml
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20267
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20267
8
reference_url https://security.openstack.org/ossa/OSSA-2021-001.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-001.html
9
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985104
reference_id 985104
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985104
10
reference_url https://github.com/advisories/GHSA-w8hx-f868-pvch
reference_id GHSA-w8hx-f868-pvch
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-w8hx-f868-pvch
11
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:deb/debian/neutron@2:17.1.1-5?distro=trixie
purl pkg:deb/debian/neutron@2:17.1.1-5?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.1.1-5%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2021-20267, GHSA-w8hx-f868-pvch, PYSEC-2021-136
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sh88-99pv-aqac
22
url VCID-tmfc-jgc1-ykat
vulnerability_id VCID-tmfc-jgc1-ykat
summary openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001)
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8153.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2014-8153.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2014-8153
reference_id
reference_type
scores
0
value 0.00709
scoring_system epss
scoring_elements 0.72157
published_at 2026-04-01T12:55:00Z
1
value 0.00709
scoring_system epss
scoring_elements 0.72162
published_at 2026-04-02T12:55:00Z
2
value 0.00709
scoring_system epss
scoring_elements 0.72182
published_at 2026-04-04T12:55:00Z
3
value 0.00709
scoring_system epss
scoring_elements 0.7216
published_at 2026-04-07T12:55:00Z
4
value 0.00709
scoring_system epss
scoring_elements 0.72197
published_at 2026-04-08T12:55:00Z
5
value 0.00709
scoring_system epss
scoring_elements 0.72209
published_at 2026-04-09T12:55:00Z
6
value 0.00709
scoring_system epss
scoring_elements 0.72232
published_at 2026-04-11T12:55:00Z
7
value 0.00709
scoring_system epss
scoring_elements 0.72216
published_at 2026-04-12T12:55:00Z
8
value 0.00709
scoring_system epss
scoring_elements 0.72202
published_at 2026-04-13T12:55:00Z
9
value 0.00709
scoring_system epss
scoring_elements 0.72245
published_at 2026-04-16T12:55:00Z
10
value 0.00709
scoring_system epss
scoring_elements 0.72255
published_at 2026-04-18T12:55:00Z
11
value 0.00709
scoring_system epss
scoring_elements 0.72242
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2014-8153
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1180469
reference_id 1180469
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1180469
fixed_packages
0
url pkg:deb/debian/neutron@0?distro=trixie
purl pkg:deb/debian/neutron@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@0%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2014-8153
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tmfc-jgc1-ykat
23
url VCID-u9wn-d3kr-7ubj
vulnerability_id VCID-u9wn-d3kr-7ubj
summary openstack-quantum/openstack-neutron: rootwrap sudo config allows potential privilege escalation
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6433.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2013-6433.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2013-6433
reference_id
reference_type
scores
0
value 0.01608
scoring_system epss
scoring_elements 0.81685
published_at 2026-04-01T12:55:00Z
1
value 0.01608
scoring_system epss
scoring_elements 0.81695
published_at 2026-04-02T12:55:00Z
2
value 0.01608
scoring_system epss
scoring_elements 0.81718
published_at 2026-04-04T12:55:00Z
3
value 0.01608
scoring_system epss
scoring_elements 0.81716
published_at 2026-04-07T12:55:00Z
4
value 0.01608
scoring_system epss
scoring_elements 0.81743
published_at 2026-04-08T12:55:00Z
5
value 0.01608
scoring_system epss
scoring_elements 0.81747
published_at 2026-04-09T12:55:00Z
6
value 0.01608
scoring_system epss
scoring_elements 0.81766
published_at 2026-04-11T12:55:00Z
7
value 0.01608
scoring_system epss
scoring_elements 0.81754
published_at 2026-04-12T12:55:00Z
8
value 0.01608
scoring_system epss
scoring_elements 0.81748
published_at 2026-04-13T12:55:00Z
9
value 0.01608
scoring_system epss
scoring_elements 0.81786
published_at 2026-04-18T12:55:00Z
10
value 0.01608
scoring_system epss
scoring_elements 0.81789
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2013-6433
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6433
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6433
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1039812
reference_id 1039812
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1039812
4
reference_url https://usn.ubuntu.com/2255-1/
reference_id USN-2255-1
reference_type
scores
url https://usn.ubuntu.com/2255-1/
fixed_packages
0
url pkg:deb/debian/neutron@2014.1-1?distro=trixie
purl pkg:deb/debian/neutron@2014.1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2014.1-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2013-6433
risk_score null
exploitability 0.5
weighted_severity 0.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u9wn-d3kr-7ubj
24
url VCID-uf52-su2e-y3ck
vulnerability_id VCID-uf52-su2e-y3ck
summary 
Improper Input Validation
A Denial-of-Service flaw was found in the OpenStack Networking (neutron) L2 agent when using the iptables firewall driver. By submitting an address pair that is rejected as invalid by the ipset tool (with zero prefix size), an authenticated attacker can cause the L2 agent to crash.
references
0
reference_url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html
1
reference_url http://rhn.redhat.com/errata/RHSA-2015-1680.html
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1680.html
2
reference_url https://access.redhat.com/errata/RHSA-2015:1680
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1680
3
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3221.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3221.json
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-3221
reference_id
reference_type
scores
0
value 0.12601
scoring_system epss
scoring_elements 0.93978
published_at 2026-04-21T12:55:00Z
1
value 0.12601
scoring_system epss
scoring_elements 0.93938
published_at 2026-04-04T12:55:00Z
2
value 0.12601
scoring_system epss
scoring_elements 0.93941
published_at 2026-04-07T12:55:00Z
3
value 0.12601
scoring_system epss
scoring_elements 0.93949
published_at 2026-04-08T12:55:00Z
4
value 0.12601
scoring_system epss
scoring_elements 0.93952
published_at 2026-04-09T12:55:00Z
5
value 0.12601
scoring_system epss
scoring_elements 0.93956
published_at 2026-04-13T12:55:00Z
6
value 0.12601
scoring_system epss
scoring_elements 0.93972
published_at 2026-04-16T12:55:00Z
7
value 0.12601
scoring_system epss
scoring_elements 0.93977
published_at 2026-04-18T12:55:00Z
8
value 0.12601
scoring_system epss
scoring_elements 0.9392
published_at 2026-04-01T12:55:00Z
9
value 0.12601
scoring_system epss
scoring_elements 0.93929
published_at 2026-04-02T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-3221
5
reference_url https://bugs.launchpad.net/neutron/+bug/1461054
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1461054
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1232284
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1232284
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3221
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3221
8
reference_url https://git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38
9
reference_url https://opendev.org/openstack/neutron
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/neutron
10
reference_url https://web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368
reference_id
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368
11
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789713
reference_id 789713
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789713
12
reference_url https://access.redhat.com/security/cve/CVE-2015-3221
reference_id CVE-2015-3221
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-3221
13
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-3221
reference_id CVE-2015-3221
reference_type
scores
0
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-3221
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/37360.txt
reference_id CVE-2015-5066;CVE-2015-3221;OSVDB-123599
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/webapps/37360.txt
15
reference_url https://github.com/advisories/GHSA-wf44-4mgj-rwvx
reference_id GHSA-wf44-4mgj-rwvx
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-wf44-4mgj-rwvx
fixed_packages
0
url pkg:deb/debian/neutron@2015.1.0%2B2015.06.24.git61.bdf194a0e1-1?distro=trixie
purl pkg:deb/debian/neutron@2015.1.0%2B2015.06.24.git61.bdf194a0e1-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2015.1.0%252B2015.06.24.git61.bdf194a0e1-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2015-3221, GHSA-wf44-4mgj-rwvx
risk_score 10.0
exploitability 2.0
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uf52-su2e-y3ck
25
url VCID-w7qg-pen7-tfbr
vulnerability_id VCID-w7qg-pen7-tfbr
summary An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40085.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40085.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40085
reference_id
reference_type
scores
0
value 0.00412
scoring_system epss
scoring_elements 0.61498
published_at 2026-04-21T12:55:00Z
1
value 0.00412
scoring_system epss
scoring_elements 0.61515
published_at 2026-04-18T12:55:00Z
2
value 0.00412
scoring_system epss
scoring_elements 0.61511
published_at 2026-04-16T12:55:00Z
3
value 0.00412
scoring_system epss
scoring_elements 0.61491
published_at 2026-04-12T12:55:00Z
4
value 0.00412
scoring_system epss
scoring_elements 0.61483
published_at 2026-04-09T12:55:00Z
5
value 0.00412
scoring_system epss
scoring_elements 0.61468
published_at 2026-04-08T12:55:00Z
6
value 0.00412
scoring_system epss
scoring_elements 0.61421
published_at 2026-04-07T12:55:00Z
7
value 0.00412
scoring_system epss
scoring_elements 0.6145
published_at 2026-04-04T12:55:00Z
8
value 0.00412
scoring_system epss
scoring_elements 0.61422
published_at 2026-04-02T12:55:00Z
9
value 0.00412
scoring_system epss
scoring_elements 0.61346
published_at 2026-04-01T12:55:00Z
10
value 0.00412
scoring_system epss
scoring_elements 0.61471
published_at 2026-04-13T12:55:00Z
11
value 0.00412
scoring_system epss
scoring_elements 0.61504
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40085
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40085
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40085
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
5
reference_url https://github.com/openstack/neutron/commit/df891f0593d234e01f27d7c0376d9702e178ecfb
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/df891f0593d234e01f27d7c0376d9702e178ecfb
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-361.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-361.yaml
7
reference_url https://launchpad.net/bugs/1939733
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1939733
8
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
9
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40085
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40085
11
reference_url https://security.openstack.org/ossa/OSSA-2021-005.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-005.html
12
reference_url https://www.debian.org/security/2021/dsa-4983
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4983
13
reference_url http://www.openwall.com/lists/oss-security/2021/08/31/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/08/31/2
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1998052
reference_id 1998052
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1998052
15
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993398
reference_id 993398
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993398
16
reference_url https://github.com/advisories/GHSA-fh73-gjvg-349c
reference_id GHSA-fh73-gjvg-349c
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-fh73-gjvg-349c
17
reference_url https://access.redhat.com/errata/RHSA-2021:3481
reference_id RHSA-2021:3481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3481
18
reference_url https://access.redhat.com/errata/RHSA-2021:3488
reference_id RHSA-2021:3488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3488
19
reference_url https://access.redhat.com/errata/RHSA-2021:3502
reference_id RHSA-2021:3502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3502
20
reference_url https://access.redhat.com/errata/RHSA-2021:3503
reference_id RHSA-2021:3503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3503
21
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:18.1.0-3?distro=trixie
purl pkg:deb/debian/neutron@2:18.1.0-3?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:18.1.0-3%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2021-40085, GHSA-fh73-gjvg-349c, PYSEC-2021-361
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w7qg-pen7-tfbr
26
url VCID-wv6g-4622-tqdw
vulnerability_id VCID-wv6g-4622-tqdw
summary An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40797.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40797.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40797
reference_id
reference_type
scores
0
value 0.00384
scoring_system epss
scoring_elements 0.59706
published_at 2026-04-21T12:55:00Z
1
value 0.00384
scoring_system epss
scoring_elements 0.59722
published_at 2026-04-18T12:55:00Z
2
value 0.00384
scoring_system epss
scoring_elements 0.59714
published_at 2026-04-16T12:55:00Z
3
value 0.00384
scoring_system epss
scoring_elements 0.59682
published_at 2026-04-13T12:55:00Z
4
value 0.00384
scoring_system epss
scoring_elements 0.597
published_at 2026-04-12T12:55:00Z
5
value 0.00384
scoring_system epss
scoring_elements 0.59717
published_at 2026-04-11T12:55:00Z
6
value 0.00384
scoring_system epss
scoring_elements 0.59684
published_at 2026-04-08T12:55:00Z
7
value 0.00384
scoring_system epss
scoring_elements 0.59632
published_at 2026-04-07T12:55:00Z
8
value 0.00384
scoring_system epss
scoring_elements 0.59663
published_at 2026-04-04T12:55:00Z
9
value 0.00384
scoring_system epss
scoring_elements 0.59638
published_at 2026-04-02T12:55:00Z
10
value 0.00384
scoring_system epss
scoring_elements 0.59697
published_at 2026-04-09T12:55:00Z
11
value 0.00384
scoring_system epss
scoring_elements 0.59564
published_at 2026-04-01T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40797
2
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40797
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-40797
3
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
4
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
5
reference_url https://github.com/openstack/neutron/commit/e610a5eb9e71aa2549fb11e2139370d227787da2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/e610a5eb9e71aa2549fb11e2139370d227787da2
6
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-329.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-329.yaml
7
reference_url https://launchpad.net/bugs/1942179
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1942179
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40797
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40797
9
reference_url https://security.openstack.org/ossa/OSSA-2021-006.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-006.html
10
reference_url http://www.openwall.com/lists/oss-security/2021/09/09/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/09/09/2
11
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2003248
reference_id 2003248
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2003248
12
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994202
reference_id 994202
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994202
13
reference_url https://github.com/advisories/GHSA-cpx3-696p-3cw9
reference_id GHSA-cpx3-696p-3cw9
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-cpx3-696p-3cw9
14
reference_url https://access.redhat.com/errata/RHSA-2022:0990
reference_id RHSA-2022:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0990
15
reference_url https://access.redhat.com/errata/RHSA-2022:0996
reference_id RHSA-2022:0996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0996
16
reference_url https://usn.ubuntu.com/6067-1/
reference_id USN-6067-1
reference_type
scores
url https://usn.ubuntu.com/6067-1/
fixed_packages
0
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:19.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:19.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:19.0.0-1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2021-40797, GHSA-cpx3-696p-3cw9, PYSEC-2021-329
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wv6g-4622-tqdw
27
url VCID-ydug-1dq5-aya1
vulnerability_id VCID-ydug-1dq5-aya1
summary 
Uncontrolled Resource Consumption
An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.
references
0
reference_url https://access.redhat.com/errata/RHSA-2023:4283
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:48:25Z/
url https://access.redhat.com/errata/RHSA-2023:4283
1
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3637.json
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3637.json
2
reference_url https://api.first.org/data/v1/epss?cve=CVE-2023-3637
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38016
published_at 2026-04-21T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.38038
published_at 2026-04-07T12:55:00Z
2
value 0.00169
scoring_system epss
scoring_elements 0.38089
published_at 2026-04-08T12:55:00Z
3
value 0.00169
scoring_system epss
scoring_elements 0.38097
published_at 2026-04-09T12:55:00Z
4
value 0.00169
scoring_system epss
scoring_elements 0.38115
published_at 2026-04-11T12:55:00Z
5
value 0.00169
scoring_system epss
scoring_elements 0.38078
published_at 2026-04-12T12:55:00Z
6
value 0.00169
scoring_system epss
scoring_elements 0.38054
published_at 2026-04-13T12:55:00Z
7
value 0.00169
scoring_system epss
scoring_elements 0.38099
published_at 2026-04-16T12:55:00Z
8
value 0.00169
scoring_system epss
scoring_elements 0.38079
published_at 2026-04-18T12:55:00Z
9
value 0.00169
scoring_system epss
scoring_elements 0.38145
published_at 2026-04-02T12:55:00Z
10
value 0.00169
scoring_system epss
scoring_elements 0.38168
published_at 2026-04-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2023-3637
3
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2222270
reference_id
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:48:25Z/
url https://bugzilla.redhat.com/show_bug.cgi?id=2222270
4
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
5
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.1
reference_id cpe:/a:redhat:openstack:16.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.1
6
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2::el8
reference_id cpe:/a:redhat:openstack:16.2::el8
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:16.2::el8
7
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.0
reference_id cpe:/a:redhat:openstack:17.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.0
8
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
reference_id cpe:/a:redhat:openstack:17.1
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:17.1
9
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
reference_id cpe:/a:redhat:openstack:18.0
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack:18.0
10
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack-optools:13
reference_id cpe:/a:redhat:openstack-optools:13
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openstack-optools:13
11
reference_url https://access.redhat.com/security/cve/CVE-2023-3637
reference_id CVE-2023-3637
reference_type
scores
0
value 4.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
1
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
2
value MODERATE
scoring_system generic_textual
scoring_elements
3
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-04-25T18:48:25Z/
url https://access.redhat.com/security/cve/CVE-2023-3637
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2023-3637
reference_id CVE-2023-3637
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2023-3637
13
reference_url https://github.com/advisories/GHSA-r3jh-qhgj-gvr8
reference_id GHSA-r3jh-qhgj-gvr8
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-r3jh-qhgj-gvr8
fixed_packages
0
url pkg:deb/debian/neutron@0?distro=trixie
purl pkg:deb/debian/neutron@0?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@0%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2023-3637, GHSA-r3jh-qhgj-gvr8
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ydug-1dq5-aya1
28
url VCID-yrqg-evxw-a7cb
vulnerability_id VCID-yrqg-evxw-a7cb
summary 
OpenStack Neutron Race condition vulnerability
Race condition in OpenStack Neutron before 2014.2.4 and 2015.1 before 2015.1.2, when using the ML2 plugin or the security groups AMQP API, allows remote authenticated users to bypass IP anti-spoofing controls by changing the device owner of a port to start with network: before the security group rules are applied.
references
0
reference_url http://rhn.redhat.com/errata/RHSA-2015-1909.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://rhn.redhat.com/errata/RHSA-2015-1909.html
1
reference_url https://access.redhat.com/errata/RHSA-2015:1909
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2015:1909
2
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5240.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5240.json
3
reference_url https://access.redhat.com/security/cve/CVE-2015-5240
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/security/cve/CVE-2015-5240
4
reference_url https://api.first.org/data/v1/epss?cve=CVE-2015-5240
reference_id
reference_type
scores
0
value 0.00128
scoring_system epss
scoring_elements 0.32238
published_at 2026-04-12T12:55:00Z
1
value 0.00128
scoring_system epss
scoring_elements 0.32336
published_at 2026-04-02T12:55:00Z
2
value 0.00128
scoring_system epss
scoring_elements 0.32374
published_at 2026-04-04T12:55:00Z
3
value 0.00128
scoring_system epss
scoring_elements 0.32198
published_at 2026-04-07T12:55:00Z
4
value 0.00128
scoring_system epss
scoring_elements 0.32246
published_at 2026-04-08T12:55:00Z
5
value 0.00128
scoring_system epss
scoring_elements 0.32274
published_at 2026-04-09T12:55:00Z
6
value 0.00128
scoring_system epss
scoring_elements 0.32276
published_at 2026-04-11T12:55:00Z
7
value 0.00128
scoring_system epss
scoring_elements 0.32207
published_at 2026-04-13T12:55:00Z
8
value 0.00128
scoring_system epss
scoring_elements 0.3219
published_at 2026-04-21T12:55:00Z
9
value 0.00128
scoring_system epss
scoring_elements 0.32219
published_at 2026-04-18T12:55:00Z
10
value 0.00128
scoring_system epss
scoring_elements 0.322
published_at 2026-04-01T12:55:00Z
11
value 0.00128
scoring_system epss
scoring_elements 0.3224
published_at 2026-04-16T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2015-5240
5
reference_url https://bugs.launchpad.net/neutron/+bug/1489111
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1489111
6
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1258458
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1258458
7
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5240
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5240
8
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
9
reference_url https://github.com/openstack/neutron/commit/767cea23de44a963c6793ffe30ea5c6827d27a38
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/767cea23de44a963c6793ffe30ea5c6827d27a38
10
reference_url https://github.com/openstack/neutron/commit/bbca973986fdc99eae9d1b2545e8246c0b2be2e2
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/bbca973986fdc99eae9d1b2545e8246c0b2be2e2
11
reference_url https://github.com/openstack/neutron/commit/fdc3431ccd219accf6a795079d9b67b8656eed8e
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/fdc3431ccd219accf6a795079d9b67b8656eed8e
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-5240
reference_id
reference_type
scores
0
value 3.5
scoring_system cvssv2
scoring_elements AV:N/AC:M/Au:S/C:N/I:P/A:N
1
value LOW
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2015-5240
13
reference_url https://security.openstack.org/ossa/OSSA-2015-018.html
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2015-018.html
14
reference_url http://www.openwall.com/lists/oss-security/2015/09/08/9
reference_id
reference_type
scores
0
value LOW
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2015/09/08/9
15
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.2.3:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2014.2.3:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2014.2.3:*:*:*:*:*:*:*
16
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2015.1.0:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2015.1.0:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2015.1.0:*:*:*:*:*:*:*
17
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2015.1.1:*:*:*:*:*:*:*
reference_id cpe:2.3:a:openstack:neutron:2015.1.1:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openstack:neutron:2015.1.1:*:*:*:*:*:*:*
18
reference_url https://github.com/advisories/GHSA-hhpj-6pj7-wpx5
reference_id GHSA-hhpj-6pj7-wpx5
reference_type
scores
0
value LOW
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-hhpj-6pj7-wpx5
fixed_packages
0
url pkg:deb/debian/neutron@1:7.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@1:7.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@1:7.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2015-5240, GHSA-hhpj-6pj7-wpx5
risk_score 1.6
exploitability 0.5
weighted_severity 3.1
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrqg-evxw-a7cb
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie