CVE-2012-1585: OpenStack Nova Long server names grow nova-api log files significantly

May 14, 2022 (updated May 14, 2024)

OpenStack Compute (Nova) Essex before 2011.3 allows remote authenticated users to cause a denial of service (Nova-API log file and disk consumption) via a long server name.

References

bugs.launchpad.net/nova/+bug/962515
github.com/advisories/GHSA-pjvw-p2v5-wf6q
github.com/openstack/nova
nvd.nist.gov/vuln/detail/CVE-2012-1585

Code Behaviors & Features

Detect and mitigate CVE-2012-1585 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →