Search for packages
| purl | pkg:rpm/redhat/openstack-neutron@1:11.0.4-6?arch=el7ost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-57rk-q94h-3kgz
Aliases: CVE-2018-14635 GHSA-x634-34m9-96mp PYSEC-2018-93 |
When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable. | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:25:45.893823+00:00 | RedHat Importer | Affected by | VCID-57rk-q94h-3kgz | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-14635.json | 38.0.0 |