cvedb.io
CVE-2021-40797
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2021-09-08T20:15:11.060 · Last modified 2026-06-17T04:07:27.940

Summary

An issue was discovered in the routes middleware in OpenStack Neutron before 16.4.1, 17.x before 17.2.1, and 18.x before 18.1.1. By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.

Affected products

openstack — neutron

Does this affect you?

Add your gear to cvedb and we'll alert you only when openstack ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.