CVE-2021-40797
pypi/neutron
Missing Release of Resource after Effective Lifetime
By making API requests involving nonexistent controllers, an authenticated user may cause the API worker to consume increasing amounts of memory, resulting in API performance degradation or denial of service.
All versions before 16.4.1, all versions starting from 17.0.0 before 17.2.1, all versions starting from 18.0.0 before 18.1.1
Upgrade to versions 16.4.1, 17.2.1, 18.1.1 or above.
2021-09-16
source |