Vulnerabilities > Openstack > Neutron > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-06 | CVE-2022-3277 | Resource Exhaustion vulnerability in multiple products An uncontrolled resource consumption flaw was found in openstack-neutron. | 6.5 |
2021-09-08 | CVE-2021-40797 | Missing Release of Resource after Effective Lifetime vulnerability in Openstack Neutron An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. | 4.0 |
2021-08-31 | CVE-2021-40085 | An issue was discovered in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. | 4.0 |
2019-04-05 | CVE-2019-10876 | An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. | 4.0 |
2019-03-13 | CVE-2019-9735 | Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in the iptables firewall module in OpenStack Neutron before 10.0.8, 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. | 4.0 |
2018-09-10 | CVE-2018-14635 | Improper Input Validation vulnerability in multiple products When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. | 4.0 |
2018-07-26 | CVE-2017-7543 | Race Condition vulnerability in multiple products A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. | 5.9 |
2016-06-17 | CVE-2016-5363 | 7PK - Security Features vulnerability in Openstack Neutron The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended MAC-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via (1) a crafted DHCP discovery message or (2) crafted non-IP traffic. | 6.4 |
2016-06-17 | CVE-2016-5362 | 7PK - Security Features vulnerability in Openstack Neutron The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended DHCP-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a crafted DHCP discovery message. | 6.4 |
2016-06-17 | CVE-2015-8914 | 7PK - Security Features vulnerability in Openstack Neutron The IPTables firewall in OpenStack Neutron before 7.0.4 and 8.0.0 through 8.1.0 allows remote attackers to bypass an intended ICMPv6-spoofing protection mechanism and consequently cause a denial of service or intercept network traffic via a link-local source address. | 6.4 |