An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.

Affected Packages

PyPI neutron

Affected versions: 0 (last affected: 22.0.2)

Related CVEs

CVE-2023-3637

Key Information

GHSA ID

GHSA-r3jh-qhgj-gvr8

Published

July 25, 2023 3:30 PM

Last Modified

July 31, 2023 6:59 PM

CVSS Score

5.0 /10

Primary Ecosystem

PyPI

Primary Package

neutron

GitHub Reviewed

✓ Yes

Dataset

Last updated: June 18, 2025 6:25 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.