Comment 4 for bug 1938284

Note that you've changed the information type of this bug to Public Security, indicating it represents a possible security vulnerability. Since the OpenStack Vulnerability Management Team (VMT) does not officially oversee[*] the neutron-vpnaas deliverable, I'm adding a security advisory task with a Won't Fix status to indicate we're not tracking this for any future advisory publication.

[*] https://security.openstack.org/repos-overseen.html