| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| neutron | pip | < 2013.2.4 | 2013.2.4 |
| neutron | pip | >= 2014.1.0, < 2014.1.2 | 2014.1.2 |

The vulnerability stems from missing quota checks when processing allowed address pairs. The patches add validation in `_validate_allowed_address_pairs` and its callers. These functions would appear in profiler output when the service handles malicious API requests that create numerous address pairs. The database mixin function is included because it is the entry point that would show up in stack traces during mass rule creation attempts.