Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
Typedeb
Namespacedebian
Nameneutron
Version2:13.0.0-1
Qualifiers
distro trixie
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version2:13.0.2-13
Latest_non_vulnerable_version2:28.0.0-1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-57rk-q94h-3kgz
vulnerability_id VCID-57rk-q94h-3kgz
summary When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable.
references
0
reference_url https://access.redhat.com/errata/RHSA-2018:2710
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2710
1
reference_url https://access.redhat.com/errata/RHSA-2018:2715
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2715
2
reference_url https://access.redhat.com/errata/RHSA-2018:2721
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:2721
3
reference_url https://access.redhat.com/errata/RHSA-2018:3792
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://access.redhat.com/errata/RHSA-2018:3792
4
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14635.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14635.json
5
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14635
reference_id
reference_type
scores
0
value 0.00306
scoring_system epss
scoring_elements 0.53873
published_at 2026-04-12T12:55:00Z
1
value 0.00306
scoring_system epss
scoring_elements 0.53857
published_at 2026-04-13T12:55:00Z
2
value 0.00306
scoring_system epss
scoring_elements 0.53896
published_at 2026-04-16T12:55:00Z
3
value 0.00306
scoring_system epss
scoring_elements 0.539
published_at 2026-04-18T12:55:00Z
4
value 0.00306
scoring_system epss
scoring_elements 0.53881
published_at 2026-04-21T12:55:00Z
5
value 0.00306
scoring_system epss
scoring_elements 0.53848
published_at 2026-04-24T12:55:00Z
6
value 0.00306
scoring_system epss
scoring_elements 0.53843
published_at 2026-04-09T12:55:00Z
7
value 0.00306
scoring_system epss
scoring_elements 0.53845
published_at 2026-04-08T12:55:00Z
8
value 0.00306
scoring_system epss
scoring_elements 0.53819
published_at 2026-04-04T12:55:00Z
9
value 0.00306
scoring_system epss
scoring_elements 0.53793
published_at 2026-04-07T12:55:00Z
10
value 0.00306
scoring_system epss
scoring_elements 0.53773
published_at 2026-04-01T12:55:00Z
11
value 0.00306
scoring_system epss
scoring_elements 0.53891
published_at 2026-04-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14635
6
reference_url https://bugs.launchpad.net/neutron/+bug/1757482
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1757482
7
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14635
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14635
8
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14635
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14635
9
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
10
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
11
reference_url https://github.com/openstack/neutron/commit/54aa6e81cb17b33ce4d5d469cc11dec2869c762d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/54aa6e81cb17b33ce4d5d469cc11dec2869c762d
12
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-93.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-93.yaml
13
reference_url https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://git.openstack.org/cgit/openstack/neutron/commit/?id=54aa6e81cb17b33ce4d5d469cc11dec2869c762d
14
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1607822
reference_id 1607822
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1607822
15
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14635
reference_id CVE-2018-14635
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14635
16
reference_url https://github.com/advisories/GHSA-x634-34m9-96mp
reference_id GHSA-x634-34m9-96mp
reference_type
scores
0
value HIGH
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-x634-34m9-96mp
fixed_packages
0
url pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2018-14635, GHSA-x634-34m9-96mp, PYSEC-2018-93
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-57rk-q94h-3kgz
1
url VCID-ba8p-f96g-aqc3
vulnerability_id VCID-ba8p-f96g-aqc3
summary Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14636.json
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14636.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2018-14636
reference_id
reference_type
scores
0
value 0.00203
scoring_system epss
scoring_elements 0.42287
published_at 2026-04-24T12:55:00Z
1
value 0.00203
scoring_system epss
scoring_elements 0.42352
published_at 2026-04-21T12:55:00Z
2
value 0.00203
scoring_system epss
scoring_elements 0.42422
published_at 2026-04-18T12:55:00Z
3
value 0.00203
scoring_system epss
scoring_elements 0.42466
published_at 2026-04-11T12:55:00Z
4
value 0.00203
scoring_system epss
scoring_elements 0.42448
published_at 2026-04-16T12:55:00Z
5
value 0.00203
scoring_system epss
scoring_elements 0.42399
published_at 2026-04-13T12:55:00Z
6
value 0.00203
scoring_system epss
scoring_elements 0.42429
published_at 2026-04-12T12:55:00Z
7
value 0.00203
scoring_system epss
scoring_elements 0.42347
published_at 2026-04-01T12:55:00Z
8
value 0.00203
scoring_system epss
scoring_elements 0.42418
published_at 2026-04-02T12:55:00Z
9
value 0.00203
scoring_system epss
scoring_elements 0.42447
published_at 2026-04-04T12:55:00Z
10
value 0.00203
scoring_system epss
scoring_elements 0.42385
published_at 2026-04-07T12:55:00Z
11
value 0.00203
scoring_system epss
scoring_elements 0.42436
published_at 2026-04-08T12:55:00Z
12
value 0.00203
scoring_system epss
scoring_elements 0.42443
published_at 2026-04-09T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2018-14636
2
reference_url https://bugs.launchpad.net/neutron/+bug/1734320
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1734320
3
reference_url https://bugs.launchpad.net/neutron/+bug/1767422
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugs.launchpad.net/neutron/+bug/1767422
4
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14636
5
reference_url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14636
reference_id
reference_type
scores
url https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14636
6
reference_url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
url https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
7
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
8
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
reference_id
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2018-94.yaml
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1594977
reference_id 1594977
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1594977
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2018-14636
reference_id CVE-2018-14636
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
1
value 6.0
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N
2
value MODERATE
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2018-14636
11
reference_url https://github.com/advisories/GHSA-8q95-jj7p-x93x
reference_id GHSA-8q95-jj7p-x93x
reference_type
scores
0
value MODERATE
scoring_system cvssv3.1_qr
scoring_elements
url https://github.com/advisories/GHSA-8q95-jj7p-x93x
fixed_packages
0
url pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:13.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.0-1%3Fdistro=trixie
1
url pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
purl pkg:deb/debian/neutron@2:17.2.1-0%2Bdeb11u1?distro=trixie
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-qua4-h1r7-a7b7
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:17.2.1-0%252Bdeb11u1%3Fdistro=trixie
2
url pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
purl pkg:deb/debian/neutron@2:21.0.0-7?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:21.0.0-7%3Fdistro=trixie
3
url pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
purl pkg:deb/debian/neutron@2:26.0.0-9?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:26.0.0-9%3Fdistro=trixie
4
url pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
purl pkg:deb/debian/neutron@2:27.0.1-6?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:27.0.1-6%3Fdistro=trixie
5
url pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
purl pkg:deb/debian/neutron@2:28.0.0-1?distro=trixie
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:28.0.0-1%3Fdistro=trixie
aliases CVE-2018-14636, GHSA-8q95-jj7p-x93x, PYSEC-2018-94
risk_score 3.1
exploitability 0.5
weighted_severity 6.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ba8p-f96g-aqc3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:deb/debian/neutron@2:13.0.0-1%3Fdistro=trixie