Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/neutron@17.1.3
Typepypi
Namespace
Nameneutron
Version17.1.3
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version17.2.1
Latest_non_vulnerable_version2015.1.1
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-1444-3h31-3kdv
vulnerability_id VCID-1444-3h31-3kdv
summary OpenStack Neutron before 16.4.1, 17.x before 17.1.3, and 18.0.0 allows hardware address impersonation when the linuxbridge driver with ebtables-nft is used on a Netfilter-based platform. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the hardware addresses of other systems on the network, resulting in denial of service or in some cases possibly interception of traffic intended for other destinations.
references
0
reference_url https://launchpad.net/bugs/1938670
reference_id
reference_type
scores
url https://launchpad.net/bugs/1938670
fixed_packages
0
url pkg:pypi/neutron@16.4.1
purl pkg:pypi/neutron@16.4.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@16.4.1
1
url pkg:pypi/neutron@17.1.3
purl pkg:pypi/neutron@17.1.3
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.1.3
2
url pkg:pypi/neutron@18.1.0
purl pkg:pypi/neutron@18.1.0
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-69mn-brsx-xydy
1
vulnerability VCID-p6g8-396q-t7ck
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@18.1.0
aliases CVE-2021-38598, PYSEC-2021-360
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1444-3h31-3kdv
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/neutron@17.1.3