Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:pypi/neutron@9.0.0

Type pypi

Namespace

Name neutron

Version 9.0.0

Qualifiers

Subpath

Is_vulnerable true

Next_non_vulnerable_version 10.0.8

Latest_non_vulnerable_version 2015.1.1

Affected_by_vulnerabilities

url VCID-737y-rfry-dqed

vulnerability_id VCID-737y-rfry-dqed

summary

Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition)
A race-condition flaw was discovered in openstack-neutron: following a minor overcloud update, neutron security groups were disabled.

references

reference_url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543
reference_id
reference_type
scores
url	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2017-7543

reference_url	http://www.securityfocus.com/bid/100237
reference_id
reference_type
scores
url	http://www.securityfocus.com/bid/100237

reference_url	https://nvd.nist.gov/vuln/detail/CVE-2017-7543
reference_id	CVE-2017-7543
reference_type
scores
url	https://nvd.nist.gov/vuln/detail/CVE-2017-7543

fixed_packages

url pkg:pypi/neutron@10.0.5

purl pkg:pypi/neutron@10.0.5

is_vulnerable true

affected_by_vulnerabilities

vulnerability	VCID-1444-3h31-3kdv

vulnerability	VCID-69mn-brsx-xydy

vulnerability	VCID-jecq-8kqy-sfg8

vulnerability	VCID-mcet-nkj3-bug8

vulnerability	VCID-p5ww-51mu-buf5

vulnerability	VCID-p6g8-396q-t7ck

vulnerability	VCID-t5sb-ghkg-zbb6

vulnerability	VCID-wa91-gzx6-h7gu

resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@10.0.5

aliases CVE-2017-7543

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-737y-rfry-dqed

Fixing_vulnerabilities

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:pypi/neutron@9.0.0

Package Instance