VulnerableCode Package Details - pkg:pypi/neutron@23.0.0

Search for packages

Vulnerability	Summary	Fixed by
VCID-d7zk-1d89-dbbw Aliases: CVE-2024-53916 GHSA-f27h-g923-68hw	OpenStack Neutron can use an incorrect ID during policy enforcement In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subjected to the proper policy authorization check. This affects 23 before 23.2.1, 24 before 24.0.2, and 25 before 25.0.1.	23.2.1 Affected by 0 other vulnerabilities. 24.0.0.0b1 Affected by 0 other vulnerabilities. 24.0.2 Affected by 0 other vulnerabilities. 25.0.0.0b1 Affected by 0 other vulnerabilities. 25.0.1 Affected by 0 other vulnerabilities. 26.0.0.0b1 Affected by 0 other vulnerabilities.

Vulnerability

Summary

Fixed by

VCID-d7zk-1d89-dbbw
Aliases:
CVE-2024-53916
GHSA-f27h-g923-68hw

OpenStack Neutron can use an incorrect ID during policy enforcement In OpenStack Neutron before 25.0.1, neutron/extensions/tagging.py can use an incorrect ID during policy enforcement. It does not apply the proper policy check for changing network tags. An unprivileged tenant is able to change (add and clear) tags on network objects that do not belong to the tenant, and this action is not subjected to the proper policy authorization check. This affects 23 before 23.2.1, 24 before 24.0.2, and 25 before 25.0.1.

23.2.1
Affected by 0 other vulnerabilities.

24.0.0.0b1
Affected by 0 other vulnerabilities.

24.0.2
Affected by 0 other vulnerabilities.

25.0.0.0b1
Affected by 0 other vulnerabilities.

25.0.1
Affected by 0 other vulnerabilities.

26.0.0.0b1
Affected by 0 other vulnerabilities.

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Vulnerability

Summary

Aliases

This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T23:15:33.178573+00:00	GitLab Importer	Affected by	VCID-d7zk-1d89-dbbw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/neutron/CVE-2024-53916.yml	38.4.0
2026-04-12T00:34:11.562117+00:00	GitLab Importer	Affected by	VCID-d7zk-1d89-dbbw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/neutron/CVE-2024-53916.yml	38.3.0
2026-04-07T04:56:30.388599+00:00	GHSA Importer	Affected by	VCID-d7zk-1d89-dbbw	https://github.com/advisories/GHSA-f27h-g923-68hw	38.1.0
2026-04-03T00:41:55.716758+00:00	GitLab Importer	Affected by	VCID-d7zk-1d89-dbbw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/neutron/CVE-2024-53916.yml	38.1.0
2026-04-02T12:40:27.770358+00:00	GitLab Importer	Affected by	VCID-d7zk-1d89-dbbw	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/pypi/neutron/CVE-2024-53916.yml	38.0.0