Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

CVE-2021-40797

Related Vulnerabilities: CVE-2021-40797  

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.

Source

Description

The MITRE CVE dictionary describes this issue as:

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.

Additional Information

  • Bugzilla 2003248: CVE-2021-40797 openstack-neutron: Routes middleware memory leak for nonexistent controllers
  • CWE-770: Allocation of Resources Without Limits or Throttling
  • FAQ: Frequently asked questions about CVE-2021-40797

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started