DescriptionAn issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
Overall state of this security issue: Pending
This issue is currently rated as having moderate severity.
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|HPE Helion OpenStack 8||openstack-neutron||Affected|
|SUSE OpenStack Cloud 8||openstack-neutron||Affected|
|SUSE OpenStack Cloud 9||openstack-neutron||Affected|
|SUSE OpenStack Cloud Crowbar 8||openstack-neutron||Affected|
|SUSE OpenStack Cloud Crowbar 9||openstack-neutron||Affected|