Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:pypi/neutron@8.0.0
Typepypi
Namespace
Nameneutron
Version8.0.0
Qualifiers
Subpath
Is_vulnerabletrue
Next_non_vulnerable_version8.1.0
Latest_non_vulnerable_version2015.1.1
Affected_by_vulnerabilities
0
url VCID-6mxz-st39-zyh3
vulnerability_id VCID-6mxz-st39-zyh3
summary 
OpenStack Neutron allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1473
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1473
1
reference_url https://access.redhat.com/errata/RHSA-2016:1474
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1474
2
reference_url https://bugs.launchpad.net/neutron/+bug/1502933
reference_id
reference_type
scores
url https://bugs.launchpad.net/neutron/+bug/1502933
3
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
url https://github.com/openstack/neutron
4
reference_url https://github.com/openstack/neutron/commit/1d1159bb2b57f0b4193f8666f53736f05bf7eac9
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/1d1159bb2b57f0b4193f8666f53736f05bf7eac9
5
reference_url https://github.com/openstack/neutron/commit/3e66b1a87544d7a127abceec13bfeacb8f18f7e1
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/3e66b1a87544d7a127abceec13bfeacb8f18f7e1
6
reference_url https://review.openstack.org/#/c/300233
reference_id
reference_type
scores
url https://review.openstack.org/#/c/300233
7
reference_url https://review.openstack.org/#/c/310648
reference_id
reference_type
scores
url https://review.openstack.org/#/c/310648
8
reference_url https://review.openstack.org/#/c/310652
reference_id
reference_type
scores
url https://review.openstack.org/#/c/310652
9
reference_url https://security.openstack.org/ossa/OSSA-2016-009.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2016-009.html
10
reference_url https://nvd.nist.gov/vuln/detail/CVE-2015-8914
reference_id CVE-2015-8914
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2015-8914
11
reference_url https://github.com/advisories/GHSA-3vj4-cvjp-482h
reference_id GHSA-3vj4-cvjp-482h
reference_type
scores
url https://github.com/advisories/GHSA-3vj4-cvjp-482h
fixed_packages
0
url pkg:pypi/neutron@8.1.1
purl pkg:pypi/neutron@8.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@8.1.1
aliases CVE-2015-8914, GHSA-3vj4-cvjp-482h
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6mxz-st39-zyh3
1
url VCID-737y-rfry-dqed
vulnerability_id VCID-737y-rfry-dqed
summary 
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
A race-condition flaw was discovered in openstack-neutron: following a minor overcloud update, neutron security groups were disabled.
references
0
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543
reference_id
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543
1
reference_url http://www.securityfocus.com/bid/100237
reference_id
reference_type
scores
url http://www.securityfocus.com/bid/100237
2
reference_url https://nvd.nist.gov/vuln/detail/CVE-2017-7543
reference_id CVE-2017-7543
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2017-7543
fixed_packages
0
url pkg:pypi/neutron@10.0.5
purl pkg:pypi/neutron@10.0.5
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-1444-3h31-3kdv
1
vulnerability VCID-69mn-brsx-xydy
2
vulnerability VCID-jecq-8kqy-sfg8
3
vulnerability VCID-mcet-nkj3-bug8
4
vulnerability VCID-p5ww-51mu-buf5
5
vulnerability VCID-p6g8-396q-t7ck
6
vulnerability VCID-t5sb-ghkg-zbb6
7
vulnerability VCID-wa91-gzx6-h7gu
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@10.0.5
aliases CVE-2017-7543
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-737y-rfry-dqed
2
url VCID-cwwz-4a6e-tugg
vulnerability_id VCID-cwwz-4a6e-tugg
summary 
OpenStack Neutron allows remote attackers to bypass an intended DHCP-spoofing protection mechanism
The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1473
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1473
1
reference_url https://access.redhat.com/errata/RHSA-2016:1474
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1474
2
reference_url https://bugs.launchpad.net/neutron/+bug/1558658
reference_id
reference_type
scores
url https://bugs.launchpad.net/neutron/+bug/1558658
3
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
url https://github.com/openstack/neutron
4
reference_url https://review.openstack.org/#/c/300202
reference_id
reference_type
scores
url https://review.openstack.org/#/c/300202
5
reference_url https://review.openstack.org/#/c/303563
reference_id
reference_type
scores
url https://review.openstack.org/#/c/303563
6
reference_url https://review.openstack.org/#/c/303572
reference_id
reference_type
scores
url https://review.openstack.org/#/c/303572
7
reference_url https://security.openstack.org/ossa/OSSA-2016-009.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2016-009.html
8
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5362
reference_id CVE-2016-5362
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-5362
9
reference_url https://github.com/advisories/GHSA-qpwc-p365-pqrr
reference_id GHSA-qpwc-p365-pqrr
reference_type
scores
url https://github.com/advisories/GHSA-qpwc-p365-pqrr
fixed_packages
0
url pkg:pypi/neutron@8.1.1
purl pkg:pypi/neutron@8.1.1
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@8.1.1
aliases CVE-2016-5362, GHSA-qpwc-p365-pqrr
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cwwz-4a6e-tugg
3
url VCID-m7vh-gw28-wbas
vulnerability_id VCID-m7vh-gw28-wbas
summary 
OpenStack Neutron Intended MAC-spoofing protection mechanism bypass
The IPTables firewall in OpenStack Neutron up to 7.0.4 and 8.x before 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic.
references
0
reference_url https://access.redhat.com/errata/RHSA-2016:1473
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1473
1
reference_url https://access.redhat.com/errata/RHSA-2016:1474
reference_id
reference_type
scores
url https://access.redhat.com/errata/RHSA-2016:1474
2
reference_url https://bugs.launchpad.net/neutron/+bug/1558658
reference_id
reference_type
scores
url https://bugs.launchpad.net/neutron/+bug/1558658
3
reference_url https://github.com/openstack/neutron
reference_id
reference_type
scores
url https://github.com/openstack/neutron
4
reference_url https://github.com/openstack/neutron/commit/5853af9cba6733725d6c9ac0db644f426713f0cf
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/5853af9cba6733725d6c9ac0db644f426713f0cf
5
reference_url https://github.com/openstack/neutron/commit/6a93ee8ac1a901c255e3475a24f1afc11d8bf80f
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/6a93ee8ac1a901c255e3475a24f1afc11d8bf80f
6
reference_url https://github.com/openstack/neutron/commit/997d7b03fb7f5528f0a3ce70867b9dcd9321509e
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/997d7b03fb7f5528f0a3ce70867b9dcd9321509e
7
reference_url https://github.com/openstack/neutron/commit/fd5fd259a02156babdfcb12f66cde6ec9e7274ae
reference_id
reference_type
scores
url https://github.com/openstack/neutron/commit/fd5fd259a02156babdfcb12f66cde6ec9e7274ae
8
reference_url https://review.openstack.org/#/c/299021
reference_id
reference_type
scores
url https://review.openstack.org/#/c/299021
9
reference_url https://review.openstack.org/#/c/299023
reference_id
reference_type
scores
url https://review.openstack.org/#/c/299023
10
reference_url https://review.openstack.org/#/c/299025
reference_id
reference_type
scores
url https://review.openstack.org/#/c/299025
11
reference_url https://security.openstack.org/ossa/OSSA-2016-009.html
reference_id
reference_type
scores
url https://security.openstack.org/ossa/OSSA-2016-009.html
12
reference_url https://nvd.nist.gov/vuln/detail/CVE-2016-5363
reference_id CVE-2016-5363
reference_type
scores
url https://nvd.nist.gov/vuln/detail/CVE-2016-5363
13
reference_url https://github.com/advisories/GHSA-9pp3-cvmq-9p22
reference_id GHSA-9pp3-cvmq-9p22
reference_type
scores
url https://github.com/advisories/GHSA-9pp3-cvmq-9p22
fixed_packages
0
url pkg:pypi/neutron@8.1.0
purl pkg:pypi/neutron@8.1.0
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@8.1.0
aliases CVE-2016-5363, GHSA-9pp3-cvmq-9p22
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m7vh-gw28-wbas
Fixing_vulnerabilities
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:pypi/neutron@8.0.0