OpenStack Compute (Nova) before 2014.1.4 and 2014.2.x before 2014.2.1 allows remote authenticated users to cause a denial of service (CPU consumption) via an IP filter in a list active servers API request.
| Score | Percentile |
|---|---|
| 1.06% | 77.50% |
No CVSS scores in this advisory.
| Type | Value |
|---|---|
| GHSA | GHSA-43hc-pwvx-pmfg ↗ |
| CVE | CVE-2014-3708 ↗ |
Vulnerable version ranges and first patched releases as published by GitHub.
| Ecosystem | Package | Vulnerable range | First patched | Vulnerable functions |
|---|---|---|---|---|
| pip | nova | < 2014.1.4 | 2014.1.4 | — |
| pip | nova | >= 2014.2.0, < 2014.2.1 | 2014.2.1 | — |