PYSEC-2019-189

See a problem?
Import Source
https://github.com/pypa/advisory-database/blob/main/vulns/neutron/PYSEC-2019-189.yaml
JSON Data
https://api.osv.dev/v1/vulns/PYSEC-2019-189
Aliases
Published
2019-04-05T05:29:00Z
Modified
2024-04-10T19:12:36.776407Z
Summary
[none]
Details

An issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.

References

Affected packages

PyPI / neutron

Package

Affected ranges

Type
ECOSYSTEM
Events
Introduced
12.0.0
Fixed
12.0.6
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
11.0.7
Introduced
13.0.0
Fixed
13.0.3

Affected versions

0.*

0.0

10.*

10.0.5
10.0.6
10.0.7

11.*

11.0.3
11.0.4
11.0.5
11.0.6

12.*

12.0.0
12.0.1
12.0.2
12.0.3
12.0.4
12.0.5

13.*

13.0.0
13.0.1
13.0.2