Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/neutron@12.1.1
Typepypi
Namespace
Nameneutron
Version12.1.1
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version16.4.1
Latest_non_vulnerable_version2015.1.1
Affected_by_vulnerabilities
0
url VCID-1444-3h31-3kdv
vulnerability_id VCID-1444-3h31-3kdv
summary OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the hardware addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38598.json
reference_id
reference_type
scores
0
value 5.9
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-38598.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-38598
reference_id
reference_type
scores
0
value 0.00138
scoring_system epss
scoring_elements 0.33562
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-38598
2
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
3
reference_url https://github.com/openstack/neutron/commit/0a931391d8990f3e654b4bfda24ae4119c609bbf
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/0a931391d8990f3e654b4bfda24ae4119c609bbf
4
reference_url https://github.com/openstack/neutron/commit/cc0d28a3e2ccfad6fc2ff24d78f009cbe3992575
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/cc0d28a3e2ccfad6fc2ff24d78f009cbe3992575
5
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-360.yaml
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-360.yaml
6
reference_url https://launchpad.net/bugs/1938670
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1938670
7
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-38598
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-38598
8
reference_url https://opendev.org/openstack/neutron/commit/fafa5dacd5057120562184a734e7345e7c0e9639
reference_id
reference_type
scores
0
value 9.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
1
value 8.8
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://opendev.org/openstack/neutron/commit/fafa5dacd5057120562184a734e7345e7c0e9639
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1995273
reference_id 1995273
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1995273
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.1.3
purl pkg:pypi/neutron@17.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.1.3
2
url pkg:pypi/neutron@18.1.0
purl pkg:pypi/neutron@18.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-69mn-brsx-xydy
1
vulnerability VCID-p6g8-396q-t7ck
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.0
aliases CVE-2021-38598, GHSA-hvm4-mc7m-22w4, PYSEC-2021-360
risk_score 4.1
exploitability 0.5
weighted_severity 8.2
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1444-3h31-3kdv
1
url VCID-69mn-brsx-xydy
vulnerability_id VCID-69mn-brsx-xydy
summary An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40797.json
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40797.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40797
reference_id
reference_type
scores
0
value 0.00694
scoring_system epss
scoring_elements 0.72273
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40797
2
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
3
reference_url https://github.com/openstack/neutron/commit/e610a5eb9e71aa2549fb11e2139370d227787da2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/e610a5eb9e71aa2549fb11e2139370d227787da2
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-329.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-329.yaml
5
reference_url https://launchpad.net/bugs/1942179
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1942179
6
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40797
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40797
7
reference_url https://security.openstack.org/ossa/OSSA-2021-006.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-006.html
8
reference_url http://www.openwall.com/lists/oss-security/2021/09/09/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/09/09/2
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=2003248
reference_id 2003248
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=2003248
10
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994202
reference_id 994202
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994202
11
reference_url https://access.redhat.com/errata/RHSA-2022:0990
reference_id RHSA-2022:0990
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0990
12
reference_url https://access.redhat.com/errata/RHSA-2022:0996
reference_id RHSA-2022:0996
reference_type
scores
url https://access.redhat.com/errata/RHSA-2022:0996
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.2.1
purl pkg:pypi/neutron@17.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.2.1
2
url pkg:pypi/neutron@18.1.1
purl pkg:pypi/neutron@18.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.1
aliases CVE-2021-40797, GHSA-cpx3-696p-3cw9, PYSEC-2021-329
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-69mn-brsx-xydy
2
url VCID-p6g8-396q-t7ck
vulnerability_id VCID-p6g8-396q-t7ck
summary An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. Authenticated attackers can reconfigure dnsmasq via a crafted extra_dhcp_opts value.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40085.json
reference_id
reference_type
scores
0
value 7.6
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-40085.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-40085
reference_id
reference_type
scores
0
value 0.01348
scoring_system epss
scoring_elements 0.8042
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-40085
2
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
3
reference_url https://github.com/openstack/neutron/commit/df891f0593d234e01f27d7c0376d9702e178ecfb
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron/commit/df891f0593d234e01f27d7c0376d9702e178ecfb
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-361.yaml
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-361.yaml
5
reference_url https://launchpad.net/bugs/1939733
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://launchpad.net/bugs/1939733
6
reference_url https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2021/10/msg00005.html
7
reference_url https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://lists.debian.org/debian-lts-announce/2022/05/msg00038.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-40085
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-40085
9
reference_url https://security.openstack.org/ossa/OSSA-2021-005.html
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-005.html
10
reference_url https://www.debian.org/security/2021/dsa-4983
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://www.debian.org/security/2021/dsa-4983
11
reference_url http://www.openwall.com/lists/oss-security/2021/08/31/2
reference_id
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url http://www.openwall.com/lists/oss-security/2021/08/31/2
12
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1998052
reference_id 1998052
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=1998052
13
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993398
reference_id 993398
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=993398
14
reference_url https://access.redhat.com/errata/RHSA-2021:3481
reference_id RHSA-2021:3481
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3481
15
reference_url https://access.redhat.com/errata/RHSA-2021:3488
reference_id RHSA-2021:3488
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3488
16
reference_url https://access.redhat.com/errata/RHSA-2021:3502
reference_id RHSA-2021:3502
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3502
17
reference_url https://access.redhat.com/errata/RHSA-2021:3503
reference_id RHSA-2021:3503
reference_type
scores
url https://access.redhat.com/errata/RHSA-2021:3503
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.2.1
purl pkg:pypi/neutron@17.2.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.2.1
2
url pkg:pypi/neutron@18.1.1
purl pkg:pypi/neutron@18.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.1
aliases CVE-2021-40085, GHSA-fh73-gjvg-349c, PYSEC-2021-361
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p6g8-396q-t7ck
3
url VCID-wa91-gzx6-h7gu
vulnerability_id VCID-wa91-gzx6-h7gu
summary A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations. Only deployments using the Open vSwitch driver are affected. Source: OpenStack project. Versions before openstack-neutron 15.3.3, openstack-neutron 16.3.1 and openstack-neutron 17.1.1 are affected.
references
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20267.json
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2021-20267.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2021-20267
reference_id
reference_type
scores
0
value 0.00126
scoring_system epss
scoring_elements 0.31472
published_at 2026-06-04T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2021-20267
2
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=1934330
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://bugzilla.redhat.com/show_bug.cgi?id=1934330
3
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/openstack/neutron
4
reference_url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-136.yaml
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://github.com/pypa/advisory-database/tree/main/vulns/neutron/PYSEC-2021-136.yaml
5
reference_url https://nvd.nist.gov/vuln/detail/CVE-2021-20267
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://nvd.nist.gov/vuln/detail/CVE-2021-20267
6
reference_url https://security.openstack.org/ossa/OSSA-2021-001.html
reference_id
reference_type
scores
0
value 7.1
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
1
value 7.1
scoring_system cvssv4
scoring_elements CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N
2
value HIGH
scoring_system generic_textual
scoring_elements
url https://security.openstack.org/ossa/OSSA-2021-001.html
7
reference_url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985104
reference_id 985104
reference_type
scores
url https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=985104
fixed_packages
0
url pkg:pypi/neutron@15.3.3
purl pkg:pypi/neutron@15.3.3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1444-3h31-3kdv
1
vulnerability VCID-69mn-brsx-xydy
2
vulnerability VCID-p6g8-396q-t7ck
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@15.3.3
1
url pkg:pypi/neutron@16.3.1
purl pkg:pypi/neutron@16.3.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1444-3h31-3kdv
1
vulnerability VCID-69mn-brsx-xydy
2
vulnerability VCID-p6g8-396q-t7ck
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.3.1
2
url pkg:pypi/neutron@17.1.1
purl pkg:pypi/neutron@17.1.1
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1444-3h31-3kdv
1
vulnerability VCID-69mn-brsx-xydy
2
vulnerability VCID-p6g8-396q-t7ck
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.1.1
aliases CVE-2021-20267, GHSA-w8hx-f868-pvch, PYSEC-2021-136
risk_score 4.0
exploitability 0.5
weighted_severity 8.0
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wa91-gzx6-h7gu
Fixing_vulnerabilities
Risk_score4.1
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/neutron@12.1.1