Search for packages
| purl | pkg:deb/debian/neutron@0?distro=trixie |
| Vulnerability | Summary | Fixed by |
|---|---|---|
| This package is not known to be affected by vulnerabilities. | ||
| Vulnerability | Summary | Aliases |
|---|---|---|
| VCID-26nq-rncj-qbbv | openstack-neutron: regression of fix for CVE-2013-6433 |
CVE-2014-3632
|
| VCID-d7zk-1d89-dbbw | OpenStack Neutron can use an incorrect ID during policy enforcement In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subjected to the proper policy authorization check. This affects 23 before 23.2.1, 24 before 24.0.2, and 25 before 25.0.1. |
CVE-2024-53916
GHSA-f27h-g923-68hw |
| VCID-s58r-txyg-g3aw | Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) A race-condition flaw was discovered in openstack-neutron: following a minor overcloud update, neutron security groups were disabled. |
CVE-2017-7543
GHSA-hvxr-2fvv-c3wq |
| VCID-tmfc-jgc1-ykat | openstack-neutron: L3 agent denial of service with radvd 2.0+ (OSSA 2015-001) |
CVE-2014-8153
|
| VCID-ydug-1dq5-aya1 | Uncontrolled Resource Consumption An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service. |
CVE-2023-3637
GHSA-r3jh-qhgj-gvr8 |