{"id":"CVE-2022-3277","details":"An uncontrolled resource consumption flaw was found in openstack-neutron. This flaw allows a remote authenticated user to query a list of security groups for an invalid project. This issue creates resources that are unconstrained by the user's quota. If a malicious user were to submit a significant number of requests, this could lead to a denial of service.","aliases":["GHSA-w446-h7vg-wv3p"],"modified":"2026-04-10T04:48:17.019136Z","published":"2023-03-06T23:15:10.763Z","references":[{"type":"FIX","url":"https://bugs.launchpad.net/neutron/+bug/1988026"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2129193"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openstack/neutron","events":[{"introduced":"0"},{"fixed":"93e7091a13f8471cfe77310802c12ede479e779f"},{"introduced":"23f956ab37618d5ec6b1b2bf0d50dea7a601513c"},{"fixed":"fc62d1ea8ef5024cd1b851dab2f765ba425279c3"},{"introduced":"0"},{"last_affected":"b6314ea6c3df11c6b27cd39844c53b65be0d9060"},{"introduced":"0"},{"last_affected":"711cd65118ace8609b69f1588238a2a10b0123c1"},{"introduced":"0"},{"last_affected":"70d0a7e769a88330118dde7073bdcb4bab04ba7c"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"18.6.0"},{"introduced":"19.0.0"},{"fixed":"19.5.0"},{"introduced":"0"},{"last_affected":"13.0"},{"introduced":"0"},{"last_affected":"16.1"},{"introduced":"0"},{"last_affected":"16.2"}]}}],"versions":["10.0.0.0b1","10.0.0.0b2","10.0.0.0b3","10.0.0.0rc1","11.0.0.0b1","11.0.0.0b2","11.0.0.0b3","11.0.0.0rc1","12.0.0.0b1","12.0.0.0b2","12.0.0.0b3","12.0.0.0rc1","13.0.0","13.0.0.0b1","13.0.0.0b2","13.0.0.0b3","13.0.0.0rc1","13.0.0.0rc2","14.0.0","14.0.0.0b1","14.0.0.0b2","14.0.0.0b3","14.0.0.0rc1","15.0.0.0b1","15.0.0.0rc1","16.0.0","16.0.0.0b1","16.0.0.0rc1","16.0.0.0rc2","16.1.0","16.2.0","17.0.0.0rc1","18.0.0","18.0.0.0rc1","18.0.0.0rc2","18.1.0","18.1.1","18.2.0","18.3.0","18.4.0","18.5.0","19.0.0","19.0.0.0rc2","19.1.0","19.2.0","19.3.0","19.4.0","2013.1.g3","2013.2.b2","2013.2.rc1","2014.1.b1","2014.1.b2","2014.1.b3","2014.1.rc1","2014.2.b1","2014.2.b2","2014.2.b3","2014.2.rc1","2015.1.0b1","2015.1.0b2","2015.1.0b3","2015.1.0rc1","7.0.0.0b1","7.0.0.0b2","7.0.0.0b3","7.0.0a0","8.0.0.0b1","8.0.0.0b2","8.0.0.0b3","8.0.0.0rc1","9.0.0.0b1","9.0.0.0b2","9.0.0.0b3","9.0.0.0rc1","essex-1","essex-3","folsom-1","folsom-3","grizzly-1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-3277.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}