Search for packages
| purl | pkg:rpm/redhat/openstack-neutron@1:12.0.5-11?arch=el7ost |
| Next non-vulnerable version | None. |
| Latest non-vulnerable version | None. |
| Risk | 4.0 |
| Vulnerability | Summary | Fixed by |
|---|---|---|
|
VCID-4fyj-d9qy-fffp
Aliases: CVE-2019-10876 GHSA-jr9m-v5qh-mh2j PYSEC-2019-189 |
An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected. | There are no reported fixed by versions. |
|
VCID-b3pu-ncrc-wbhn
Aliases: CVE-2019-9735 GHSA-9773-3fqg-8w25 PYSEC-2019-190 |
An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By setting a destination port in a security group rule along with a protocol that doesn't support that option (for example, VRRP), an authenticated user may block further application of security group rules for instances from any project/tenant on the compute hosts to which it's applied. (Only deployments using the iptables security group driver are affected.) | There are no reported fixed by versions. |
| Vulnerability | Summary | Aliases |
|---|---|---|
| This package is not known to fix vulnerabilities. | ||
| Date | Actor | Action | Vulnerability | Source | VulnerableCode Version |
|---|---|---|---|---|---|
| 2026-04-01T14:20:52.637823+00:00 | RedHat Importer | Affected by | VCID-4fyj-d9qy-fffp | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-10876.json | 38.0.0 |
| 2026-04-01T14:20:51.818535+00:00 | RedHat Importer | Affected by | VCID-b3pu-ncrc-wbhn | https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2019-9735.json | 38.0.0 |