{"id":"PYSEC-2026-856","summary":"OpenStack Neutron Improper Input Validation vulnerability","details":"OpenStack Neutron before 2014.2.4 (juno) and 2015.1.x before 2015.1.1 (kilo), when using the IPTables firewall driver, allows remote authenticated users to cause a denial of service (L2 agent crash) by adding an address pair that is rejected by the ipset tool.","aliases":["CVE-2015-3221","GHSA-wf44-4mgj-rwvx"],"modified":"2026-07-07T11:45:19.048492069Z","published":"2026-07-06T08:03:23.909736Z","references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2015-3221"},{"type":"WEB","url":"https://access.redhat.com/errata/RHSA-2015:1680"},{"type":"WEB","url":"https://access.redhat.com/security/cve/CVE-2015-3221"},{"type":"WEB","url":"https://bugs.launchpad.net/neutron/+bug/1461054"},{"type":"WEB","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1232284"},{"type":"WEB","url":"https://git.openstack.org/cgit/openstack/neutron/commit/?id=9ff6138c47c95034ba845e9448ddffd147b51f38"},{"type":"PACKAGE","url":"https://opendev.org/openstack/neutron"},{"type":"WEB","url":"https://web.archive.org/web/20200228084753/http://www.securityfocus.com/bid/75368"},{"type":"WEB","url":"http://lists.openstack.org/pipermail/openstack-announce/2015-June/000377.html"},{"type":"WEB","url":"http://rhn.redhat.com/errata/RHSA-2015-1680.html"},{"type":"PACKAGE","url":"https://pypi.org/project/neutron"},{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-wf44-4mgj-rwvx"}],"affected":[{"package":{"name":"neutron","ecosystem":"PyPI","purl":"pkg:pypi/neutron"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2014.2.4"},{"introduced":"2015.1.0"},{"fixed":"2015.1.1"}]}],"versions":["0.0","10.0.5","10.0.6","10.0.7","11.0.3","11.0.4","11.0.5","11.0.6","11.0.7","11.0.8","12.0.0","12.0.0.0b3","12.0.0.0rc1","12.0.0.0rc2","12.0.1","12.0.2","12.0.3","12.0.4","12.0.5","12.0.6","12.1.0","12.1.1","13.0.0","13.0.0.0b1","13.0.0.0b2","13.0.0.0b3","13.0.0.0rc1","13.0.0.0rc2","13.0.1","13.0.2","13.0.3","13.0.4","13.0.5","13.0.6","13.0.7","14.0.0","14.0.0.0b1","14.0.0.0b2","14.0.0.0b3","14.0.0.0rc1","14.0.1","14.0.2","14.0.3","14.0.4","14.1.0","14.2.0","14.3.0","14.3.1","14.4.0","14.4.1","14.4.2","15.0.0","15.0.0.0b1","15.0.0.0rc1","15.0.0.0rc2","15.0.1","15.0.2","15.1.0","15.2.0","15.3.0","15.3.1","15.3.2","15.3.3","15.3.4","16.0.0","16.0.0.0b1","16.0.0.0rc1","16.0.0.0rc2","16.1.0","16.2.0","16.3.0","16.3.1","16.3.2","16.4.0","16.4.1","16.4.2","17.0.0","17.0.0.0rc1","17.0.0.0rc2","17.1.0","17.1.1","17.1.2","17.2.0","17.2.1","17.3.0","17.4.0","17.4.1","18.0.0","18.0.0.0rc1","18.0.0.0rc2","18.1.0","18.1.1","18.2.0","18.3.0","18.4.0","18.5.0","18.6.0","19.0.0","19.0.0.0rc1","19.0.0.0rc2","19.1.0","19.2.0","19.3.0","19.4.0","19.5.0","19.6.0","19.7.0","20.0.0","20.0.0.0rc1","20.0.0.0rc2","20.1.0","20.2.0","20.3.0","20.3.1","20.4.0","20.5.0","21.0.0","21.0.0.0rc1","21.0.0.0rc2","21.1.0","21.1.1","21.1.2","21.2.0","21.2.1","22.0.0","22.0.0.0rc1","22.0.0.0rc2","22.0.1","22.0.2","22.1.0","22.2.0","22.2.1","23.0.0","23.0.0.0b1","23.0.0.0b2","23.0.0.0b3","23.0.0.0rc1","23.0.0.0rc2","23.1.0","23.2.0","23.3.0","23.4.0","23.5.0","24.0.0","24.0.0.0b1","24.0.0.0rc1","24.0.0.0rc2","24.0.1","24.1.0","24.2.0","24.2.1","24.2.2","25.0.0","25.0.0.0b1","25.0.0.0rc1","25.0.0.0rc2","25.1.0","25.2.0","25.2.1","25.2.2","25.2.3","26.0.0","26.0.0.0b1","26.0.0.0b2","26.0.0.0rc1","26.0.0.0rc2","26.0.1","26.0.2","26.0.3","26.0.4","27.0.0","27.0.0.0b1","27.0.0.0rc1","27.0.1","27.0.2","27.0.3","28.0.0","28.0.0.0b1","28.0.0.0b2","28.0.0.0rc1","28.0.0.0rc2","28.0.1"],"database_specific":{"source":"https://github.com/pypa/advisory-database/blob/main/vulns/neutron/PYSEC-2026-856.yaml"}}],"schema_version":"1.7.5"}