PYSEC-2021-329

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/neutron/PYSEC-2021-329.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2021-329

Aliases

Published

2021-09-08T20:15:00Z

Modified

2024-02-23T21:56:42.775640Z

Summary

[none]

Details

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.

References

Affected packages

PyPI / neutron

Package

Name: neutron; View open source insights on deps.dev
Purl: pkg:pypi/neutron

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

16.4.1

Introduced

17.0.0

Fixed

17.2.1

Introduced

18.0.0

Fixed

18.1.1

Affected versions

0.*

0.0

10.*

10.0.5

10.0.6

10.0.7

11.*

11.0.3

11.0.4

11.0.5

11.0.6

11.0.7

11.0.8

12.*

12.0.0.0b3

12.0.0.0rc1

12.0.0.0rc2

12.0.0

12.0.1

12.0.2

12.0.3

12.0.4

12.0.5

12.0.6

12.1.0

12.1.1

13.*

13.0.0.0b1

13.0.0.0b2

13.0.0.0b3

13.0.0.0rc1

13.0.0.0rc2

13.0.0

13.0.1

13.0.2

13.0.3

13.0.4

13.0.5

13.0.6

13.0.7

14.*

14.0.0.0b1

14.0.0.0b2

14.0.0.0b3

14.0.0.0rc1

14.0.0

14.0.1

14.0.2

14.0.3

14.0.4

14.1.0

14.2.0

14.3.0

14.3.1

14.4.0

14.4.1

14.4.2

15.*

15.0.0.0b1

15.0.0.0rc1

15.0.0.0rc2

15.0.0

15.0.1

15.0.2

15.1.0

15.2.0

15.3.0

15.3.1

15.3.2

15.3.3

15.3.4

16.*

16.0.0.0b1

16.0.0.0rc1

16.0.0.0rc2

16.0.0

16.1.0

16.2.0

16.3.0

16.3.1

16.3.2

16.4.0

17.*

17.0.0

17.1.0

17.1.1

17.1.2

17.2.0

18.*

18.0.0

18.1.0